Abstract
We describe in more detail than before the reference model for role-based access control introduced by Nyanchama and Osborn, and the role-graph model with its accompanying algorithms, which is one way of implementing role-role relationships. An alternative role insertion algorithm is added, and it is shown how the role creation policies of Fernandez et al. correspond to role addition algorithms in our model. We then use our reference model to provide a taxonomy for kinds of conflict. We then go on to consider in some detail privilege-privilege and and role-role conflicts in conjunction with the role graph model. We show how role-role conflicts lead to a partitioning of the role graph into nonconflicting collections that can together be safely authorized to a given user. Finally, in an appendix, we present the role graph algorithms with additional logic to disallow roles that contain conflicting privileges.
- AHO, A. V., GAREY, M. R., AND ULLMAN, J. D. 1972. The transitive reduction of a directed graph. SIAM J. Comput. 1, 2 (June), 131-137.Google ScholarCross Ref
- BALDWIN, R. 1990. Naming and grouping privileges to simplify security management in large databases. In Proceedings of the IEEE Symposium on Research in Security and Privacy (Oakland, CA). IEEE Computer Society Press, Los Alamitos, CA, 116-132.Google Scholar
- BERTINO, E., FERRARI, E., AND ALTURI, V. 1997. A flexible model for the specification and enforcement of role-based authorizations in a workflow management system. In Proceedings of the 2nd ACM Workshop on Role-Based Access Control (Fairfax, VA, Nov. 6-7). ACM Press, New York, NY, 1-12. Google Scholar
- BONDY, J. A. AND MURTY, U. S. R. 1976. Graph Theory with Applications. Macmillan Press Ltd., Basingstoke, UK. Google Scholar
- FERNANDEZ, E. G., Wu, J., AND FERNANDEZ, M. H. 1994. User group structures in objectoriented database authorization. In Proceedings of the IFIP Working Group 11.3 Working Conference on Database Security. Elsevier North-Holland, Inc., Amsterdam, The Netherlands, 57-76. Google Scholar
- FERRAIOLO, D., CUGINI, g., AND KUHN, D. R. 1995. Role based access control: Features and motivations. In Proceedings of the 11th Annual Conference on Computer Security Applications. IEEE Computer Society Press, Los Alamitos, CA, 241-248.Google Scholar
- HARRISON, M., Ruzzo, W., AND ULLMAN, g. 1976. Protection in operating systems. Commun. ACM 19, 8. Google ScholarDigital Library
- Hu, M.-Y., DEMURJIAN, S. A., AND TING, T. C. 1994. Unifying structural and security modeling and analyses in the ADAM object-oriented design environment. In Proceedings of the IFIP Working Group 11.3 Working Conference on Database Security. Elsevier North-Holland, Inc., Amsterdam, The Netherlands. Google Scholar
- KUHN, D. R. 1997. Mutual exclusion as a means of implementing separation of duty requirements in role-based access control systems. In Proceedings of the 2nd ACM Workshop on Role-Based Access Control (Fairfax, VA, Nov. 6-7). ACM Press, New York, NY, 23-30. Google Scholar
- LOCHOVSKY, F. H. AND Woo, C. C. 1988. Role-based security in data base management systems. In Database Security: Status and Prospects (Annapolis, MD, Oct. 1987), C. E. Landwehr, Ed. North-Holland Publishing Co., Amsterdam, The Netherlands, 209-222. Google Scholar
- MOHAMMED, I. AND DILTS, D. 1994. Design for dynamic user-role-based security. Comput. Secur. 13, 8, 661-671. Google ScholarDigital Library
- NYANCHAMA, M. 1994. Commercial integrity, roles and object orientation. Ph.D. Dissertation. University of Western Ontario, London, Canada. Google Scholar
- NYANCHAMA, M. AND OSBORN, S. 1993. Role-based security, object oriented databases and separation of duty. SIGMOD Rec. 22, 4 (Dec. 1993), 45-51. Google ScholarDigital Library
- NYANCHAMA, M. AND OSBORN, S. L. 1994. Access rights administration in role-based security systems. In Proceedings of the IFIP Working Group 11.3 Working Conference on Database Security. Elsevier North-Holland, Inc., Amsterdam, The Netherlands. Google Scholar
- NYANCHAMA, M. AND OSBORN, S. L 1995. Modeling mandatory access control in role-based security systems. In Proceedings of the IFIP WG 11.3 Ninth Annual Working Conference on Database Security, D. Spooner, S. Demurjian, and J. Dobson, Eds. Chapman & Hall, London, UK. Google Scholar
- OSBORN, S. 1997. Mandatory access control and role-based access control revisited. In Proceedings of the 2nd ACM Workshop on Role-Based Access Control (Fairfax, VA, Nov. 6-7). ACM Press, New York, NY, 31-40. Google ScholarDigital Library
- OSBORN, S., REID, L., AND WESSON, G. 1996. On the interaction between role based access control and relational databases. In Proceedings of the Tenth Annual IFIP WG 11.3 Working Conference on Database Security (Aug.), P. Samarati and R. Sandhu, Eds. Chapman & Hall, London, UK. Google Scholar
- RABITTI, F., BERTINO, E., KIM, W., AND WOELK, D. 1991. A model of authorization for next-generation database systems. ACM Trans. Database Syst. 16, 1 (Mar. 1991), 88-131. Google ScholarDigital Library
- SANDHU, R. 1996. Role hierarchies and constraints for lattice-based access controls. In Proceedings of the Conference on Computer Security (ESORICS 96, Rome, Italy), E. Bertino, H. Kurth, G. Martella, and E. Montolivo, Eds. Springer-Verlag, New York, NY, 65-79. Google Scholar
- SANDHU, R., COYNE, E., FEINSTEIN, H., AND YOUMAN, C. 1996. Role-based access control models. Computer 29, 38-47. Google ScholarDigital Library
- SANDHU, R. S. 1988. Transaction control expressions for separation of duties. In Proceedings of the 4th Annual Conference on Computer Security Application (Orlando, FL, Dec.). 282-286.Google Scholar
- SIMON, R. AND ZURKO, M. E. 1997. Separation of duty in role based access control environments. In Proceedings of the l Oth IEEE Workshop on Computer Security Foundations (Rockport, MA, June 10-12). IEEE Computer Society Press, Los Alamitos, CA, 183-194. Google Scholar
- THOMAS, R. AND SANDHU, R. 1997. Task-based authorization controls (TBAC): Models for active and enterprise-oriented authorization management. In Database Security XI: Status and Prospects (Lake Tahoe, CA), T. Y. Lin and X. Qian, Eds. Chapman & Hall, London, UK, 136-151. Google Scholar
- THOMSEN, D. 1991. Role-based application design and enforcement. In Database Security IV, Status and Prospects, S. Jajodia and C. Landwehr, Eds. Elsevier North-Holland, Inc., New York, NY, 151-168.Google Scholar
- TING, T. 1988. A user-role based data security approach. In Database Security: Status and Prospects, C. Landwehr, Ed. Elsevier North-Holland, Inc., New York, NY, 187-208. Google Scholar
- TING, T., DEMURJIAN, S., AND HU, M.-Y. 1992. Requirements, capabilities and functionalities of user-role based security for an object-oriented design model. In Database Security V, Status and Prospects, C. Landwehr and S. Jajodia, Eds. Elsevier North-Holland, Inc., New York, NY. Google Scholar
- VON SOLMS, S. H. AND VAN DER MERVE, I. 1994. The management of computer security profiles using a role-oriented approach. Comput. Secur. 13, 8, 673-680. Google ScholarDigital Library
Index Terms
- The role graph model and conflict of interest
Recommendations
Conflict of interest in the administrative role graph model
SDM'06: Proceedings of the Third VLDB international conference on Secure Data ManagementThe original role graph model for role-based access control assumed a centralized administrative model. Conflict of interest for the centralized model was previously discussed by Nyanchama and Osborn. More recently, a decentralized administrative model ...
Integrating role graphs: a tool for security integration
Data and applications securityRole-based access control provides a very flexible set of mechanisms for managing the access control of a complex system with many users, objects and applications. The role graph model of Nyanchama and Osborn is one example of how role administration ...
Comments