Role Based Access Control

Synonyms

RBAC; Role based security

Definition

Access control is a security service responsible for defining which subjects can perform what type of operations on which objects. A subject is typically an active entity such as a user or a process, and an object is an entity, such as a file, database table or a field, on which the subject can perform some authorized operations. A permission indicates the mode of operation on a particular object.

Role based access control (RBAC) involves controlling access to computer resources and information by (i) defining users, roles, and permissions, and (ii) assigning users and permissions to roles. A user can create a session in which he/she can activate a subset of the roles he/she has been assigned to and use the permissions associated with the activated roles. The RBAC approach is based on the understanding that a user’s access needs are defined by the roles that he/she plays within his/her organization. In general, a role is considered as a group...
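The user, role, permission and session relationships described above, as an added example that is not part of the original entry: a minimal Python model in which a session can use only the permissions of the roles it has activated. The user names, role names and permissions are constructed for illustration.

```python
from dataclasses import dataclass, field

# Constructed sample policy (all names are illustrative assumptions).
# A permission is a pair: (mode of operation, object).
USER_ROLES = {  # user-to-role assignment
    "alice": {"nurse", "auditor"},
    "bob": {"physician"},
}
ROLE_PERMS = {  # permission-to-role assignment
    "nurse": {("read", "patient_record")},
    "physician": {("read", "patient_record"), ("write", "patient_record")},
    "auditor": {("read", "audit_log")},
}


@dataclass
class Session:
    """A session created by one user, holding the roles activated in it."""
    user: str
    active_roles: set = field(default_factory=set)

    def activate(self, role: str) -> None:
        # Only a role the user has been assigned to can be activated.
        if role not in USER_ROLES.get(self.user, set()):
            raise PermissionError(f"{self.user} is not assigned role {role!r}")
        self.active_roles.add(role)

    def deactivate(self, role: str) -> None:
        self.active_roles.discard(role)

    def permissions(self) -> set:
        # Usable permissions come only from roles active in this session,
        # not from every role the user has been assigned to.
        perms = set()
        for role in self.active_roles:
            perms |= ROLE_PERMS.get(role, set())
        return perms

    def check_access(self, operation: str, obj: str) -> bool:
        return (operation, obj) in self.permissions()


if __name__ == "__main__":
    s = Session("alice")
    s.activate("nurse")
    print(s.check_access("read", "patient_record"))  # nurse is active
    print(s.check_access("read", "audit_log"))       # auditor assigned, not active
```

An assigned role that has not been activated contributes no permissions to the session, so a user can work with fewer privileges than the full set their assignments allow.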

Author information

Correspondence to Yue Zhang or James B. D. Joshi.

Copyright information

© 2014 Springer Science+Business Media New York

About this entry

Cite this entry

Zhang, Y., Joshi, J.B.D. (2014). Role Based Access Control. In: Liu, L., Özsu, M. (eds) Encyclopedia of Database Systems. Springer, New York, NY. https://doi.org/10.1007/978-1-4899-7993-3_320-2

  • DOI: https://doi.org/10.1007/978-1-4899-7993-3_320-2

  • Publisher Name: Springer, New York, NY

  • Online ISBN: 978-1-4899-7993-3

  • eBook Packages: Springer Reference Computer Sciences; Reference Module Computer Science and Engineering
