Administration Model for RBAC
The central idea of an administration model for RBAC is to use roles themselves to manage roles. There are two well-known families of RBAC administration models.
The Administrative RBAC family of models, known as ARBAC97, introduces administrative roles that are used to manage the regular roles. Administrative roles can themselves form a role hierarchy and may be subject to constraints. ARBAC97 consists of three administrative models: the user-role assignment model (URA97), the permission-role assignment model (PRA97), and the role-role administration model (RRA97). URA97 defines which administrative roles can assign which users to which regular roles by means of the relation can_assign; each tuple names an administrative role, a prerequisite condition the user must satisfy (membership or non-membership in given roles), and a range of regular roles to which the user may be added. Similarly, PRA97 defines which administrative roles can assign which permissions to which regular roles by means of the relation can_assignp. Each of these relations has a counterpart for revoking the assignment (can_revoke and can_revokep). RRA97 defines which administrative roles can change the structure of which range of regular roles (adding roles, deleting roles, adding or removing edges, etc.) using the notion of encapsulated range and the relation can_modify.
Scoped Administrative RBAC
The SARBAC model uses the notion of administrative scope to ensure that operations executed by a role r do not affect roles outside its scope through the hierarchical relations among them. There are no special administrative roles in SARBAC: each regular role has a set of other regular roles, called its administrative scope, that it may manage, and each role can only be managed by its administrators. For example, the senior-most role should be able to manage all of its junior roles.
ARBAC97 is the first known role-based administration model and uses the notions of role range and encapsulated range. A role range is essentially a set of regular roles delimited by a junior-most and a senior-most role in the hierarchy. To avoid undesirable side effects, RRA97 requires that all role ranges in the can_modify relation be encapsulated, which means the range has exactly one senior-most role and one junior-most role, and every role outside the range that is comparable with some member of the range is either junior to all of its members or senior to all of them. Sandhu and Munawer later extended ARBAC97 into ARBAC99, which introduced the notion of mobile and immobile users and permissions [4]. Oh and Sandhu then extended ARBAC99 into ARBAC02 by adding the notion of organizational structure to redefine user-role assignment and permission-role assignment [2]. Zhang and Joshi later proposed ARBAC07, which extends the ARBAC family to an RBAC model in which hybrid hierarchies co-exist [6].
The most important notion in SARBAC is the administrative scope, which plays a role similar to that of the encapsulated range in ARBAC97. A role r is within the administrative scope of another role a if r is junior to a and every path upwards from r in the hierarchy passes through a; a is then said to be an administrator of r. SARBAC also consists of three models: SARBAC-RHA, SARBAC-URA, and SARBAC-PRA. In SARBAC-RHA, each role can only administer the roles within its own administrative scope; the operations include adding roles, deleting roles, and adding and deleting hierarchy edges. The semantics of SARBAC-URA and SARBAC-PRA are similar to those of URA97 and PRA97. Because the scope is derived from the hierarchy rather than fixed in an administrative table, a role's administrative scope changes dynamically as the hierarchy changes. Zhang and Joshi have extended SARBAC to deal with hybrid hierarchies as well [5].
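The following worked example, written for this entry and not taken from the ARBAC97 or SARBAC papers, puts the two families side by side on one toy role hierarchy: an ARBAC97 closed range with the encapsulation check that RRA97 imposes on can_modify, a URA97 can_assign table with prerequisite conditions and administrative-role seniority, and the SARBAC administrative scope computed directly from the hierarchy. The role names (DIR, PL1, PE1, QE1, E1, ED, E and their project-2 counterparts, plus the administrative roles SSO, DSO, PSO1 and PSO2) and the contents of the can_assign table are constructed for illustration.

```python
"""Toy RBAC hierarchy with ARBAC97-style can_assign / encapsulated-range checks
and the SARBAC administrative scope.  Added example; not code from the ARBAC97
or SARBAC papers.  Role names and the can_assign table are constructed."""


def down(graph, r):
    """Roles junior to r in `graph` (role -> immediate juniors), including r."""
    seen, stack = set(), [r]
    while stack:
        x = stack.pop()
        if x not in seen:
            seen.add(x)
            stack.extend(graph[x])
    return seen


def up(graph, r):
    """Roles senior to r, including r."""
    return {s for s in graph if r in down(graph, s)}


# Constructed regular role hierarchy, modelled on the engineering-department
# example common in the ARBAC literature: DIR > PL1,PL2 > PE*,QE* > E1,E2 > ED > E.
JUNIORS = {
    "DIR": {"PL1", "PL2"},
    "PL1": {"PE1", "QE1"}, "PL2": {"PE2", "QE2"},
    "PE1": {"E1"}, "QE1": {"E1"}, "PE2": {"E2"}, "QE2": {"E2"},
    "E1": {"ED"}, "E2": {"ED"},
    "ED": {"E"},
    "E": set(),
}

# Constructed administrative role hierarchy for ARBAC97: SSO > DSO > PSO1, PSO2.
ADMIN_JUNIORS = {"SSO": {"DSO"}, "DSO": {"PSO1", "PSO2"}, "PSO1": set(), "PSO2": set()}


def closed_range(graph, bottom, top):
    """ARBAC97 closed range [bottom, top]: all roles between the two, inclusive."""
    return down(graph, top) & up(graph, bottom)


def is_encapsulated(graph, rng):
    """Encapsulated-range check used by RRA97's can_modify: exactly one senior-most
    and one junior-most role, and every outside role that is comparable with a
    member is junior to all members or senior to all members, so structural
    changes inside the range cannot alter what any outside role inherits."""
    tops = {r for r in rng if not (up(graph, r) - {r}) & rng}
    bottoms = {r for r in rng if not (down(graph, r) - {r}) & rng}
    if len(tops) != 1 or len(bottoms) != 1:
        return False
    for outsider in set(graph) - rng:
        seniors_in_range = {r for r in rng if outsider in down(graph, r)}
        juniors_in_range = {r for r in rng if outsider in up(graph, r)}
        if seniors_in_range not in (set(), rng) or juniors_in_range not in (set(), rng):
            return False
    return True


# URA97 can_assign table (constructed): administrative role, roles the user must
# hold, roles the user must not hold, and the bottom/top of the target range.
CAN_ASSIGN = [
    ("PSO1", {"ED"}, set(), "E1", "E1"),      # PSO1 may enrol department staff in project 1
    ("PSO1", {"ED"}, {"QE1"}, "PE1", "PE1"),  # ... and make them PE1 unless already QE1
    ("PSO1", {"ED"}, {"PE1"}, "QE1", "QE1"),  # ... or QE1 unless already PE1
    ("DSO", {"ED"}, set(), "E1", "PL1"),      # DSO may assign any project-1 role up to PL1
    ("SSO", {"E"}, set(), "ED", "DIR"),       # SSO may assign anything from ED upwards
]


def holds(graph, user_roles, r):
    """Membership in r, explicit or inherited through a senior role."""
    return any(r in down(graph, u) for u in user_roles)


def can_assign(admin_roles, user_roles, target):
    """URA97 check: may an administrator holding `admin_roles` add the user who
    holds `user_roles` to `target`?  Administrative seniority counts, so SSO
    can do anything DSO can."""
    for arole, need, forbid, bottom, top in CAN_ASSIGN:
        admin_ok = any(arole in down(ADMIN_JUNIORS, a) for a in admin_roles)
        prereq_ok = (all(holds(JUNIORS, user_roles, r) for r in need)
                     and not any(holds(JUNIORS, user_roles, r) for r in forbid))
        if admin_ok and prereq_ok and target in closed_range(JUNIORS, bottom, top):
            return True
    return False


def admin_scope(graph, a):
    """SARBAC strict administrative scope of a: the roles r below a such that every
    senior of r that is not also senior to a is itself junior to a, i.e. every
    upward path from r passes through a.  Derived from the hierarchy, so it
    changes automatically when the hierarchy does."""
    return {r for r in down(graph, a) - {a}
            if (up(graph, r) - up(graph, a)) <= down(graph, a)}


if __name__ == "__main__":
    print("[E1, PL1] encapsulated:", is_encapsulated(JUNIORS, closed_range(JUNIORS, "E1", "PL1")))
    print("[PE1, PL1] encapsulated:", is_encapsulated(JUNIORS, closed_range(JUNIORS, "PE1", "PL1")))
    print("PSO1 adds ED member to E1:", can_assign({"PSO1"}, {"ED"}, "E1"))
    print("PSO1 adds QE1 member to PE1:", can_assign({"PSO1"}, {"QE1"}, "PE1"))
    print("scope of PL1:", sorted(admin_scope(JUNIORS, "PL1")))
```

Two points the prose alone does not show: the range [PE1, PL1] has a unique top and bottom yet is not encapsulated, because QE1 sits below PL1 without sitting below PE1, so an edge added inside the range could change what QE1 inherits; and in SARBAC the scope of PL1 stops at E1 and does not reach ED, because ED also has an upward path through PL2, so no lookup table is needed to prevent PL1 from touching a role that project 2 depends on.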
- 2. Oh S, Sandhu R. A model for role administration using organization structure. In: Proceedings of the 7th ACM symposium on access control models and technologies (SACMAT), 2002. p. 155–62.
- 4. Sandhu R, Munawer Q. The ARBAC99 model for administration of roles. In: Proceedings of the 15th annual computer security applications conference (ACSAC), Arizona, 1999. p. 229.
- 5. Zhang Y, Joshi JBD. SARBAC07: a scoped administration model for RBAC with hybrid hierarchy. In: Proceedings of the 3rd international symposium on information assurance and security, 2007. p. 149–54.
- 6. Zhang Y, Joshi JBD. ARBAC07: a role-based administration model for RBAC with hybrid hierarchy. In: Proceedings of the IEEE international conference on information reuse and integration, 2007. p. 196–202.