article

Free Access

The role graph model and conflict of interest

Authors:
Matunda Nyanchama

Univ. of Western Ontario, Mississauga, Ont., Canada

Univ. of Western Ontario, Mississauga, Ont., Canada
View Profile

,
Sylvia Osborn

Univ. of Western Ontario, Mississauga, Ont., Canada

Univ. of Western Ontario, Mississauga, Ont., Canada
View Profile

Authors Info & Claims

ACM Transactions on Information and System Security Volume 2 Issue 1pp 3–33https://doi.org/10.1145/300830.300832

Published:01 February 1999Publication History

ACM Transactions on Information and System Security

Abstract

We describe in more detail than before the reference model for role-based access control introduced by Nyanchama and Osborn, and the role-graph model with its accompanying algorithms, which is one way of implementing role-role relationships. An alternative role insertion algorithm is added, and it is shown how the role creation policies of Fernandez et al. correspond to role addition algorithms in our model. We then use our reference model to provide a taxonomy for kinds of conflict. We then go on to consider in some detail privilege-privilege and and role-role conflicts in conjunction with the role graph model. We show how role-role conflicts lead to a partitioning of the role graph into nonconflicting collections that can together be safely authorized to a given user. Finally, in an appendix, we present the role graph algorithms with additional logic to disallow roles that contain conflicting privileges.

References

AHO, A. V., GAREY, M. R., AND ULLMAN, J. D. 1972. The transitive reduction of a directed graph. SIAM J. Comput. 1, 2 (June), 131-137.Google ScholarCross Ref
BALDWIN, R. 1990. Naming and grouping privileges to simplify security management in large databases. In Proceedings of the IEEE Symposium on Research in Security and Privacy (Oakland, CA). IEEE Computer Society Press, Los Alamitos, CA, 116-132.Google Scholar
BERTINO, E., FERRARI, E., AND ALTURI, V. 1997. A flexible model for the specification and enforcement of role-based authorizations in a workflow management system. In Proceedings of the 2nd ACM Workshop on Role-Based Access Control (Fairfax, VA, Nov. 6-7). ACM Press, New York, NY, 1-12. Google Scholar
BONDY, J. A. AND MURTY, U. S. R. 1976. Graph Theory with Applications. Macmillan Press Ltd., Basingstoke, UK. Google Scholar
FERNANDEZ, E. G., Wu, J., AND FERNANDEZ, M. H. 1994. User group structures in objectoriented database authorization. In Proceedings of the IFIP Working Group 11.3 Working Conference on Database Security. Elsevier North-Holland, Inc., Amsterdam, The Netherlands, 57-76. Google Scholar
FERRAIOLO, D., CUGINI, g., AND KUHN, D. R. 1995. Role based access control: Features and motivations. In Proceedings of the 11th Annual Conference on Computer Security Applications. IEEE Computer Society Press, Los Alamitos, CA, 241-248.Google Scholar
HARRISON, M., Ruzzo, W., AND ULLMAN, g. 1976. Protection in operating systems. Commun. ACM 19, 8. Google ScholarDigital Library
Hu, M.-Y., DEMURJIAN, S. A., AND TING, T. C. 1994. Unifying structural and security modeling and analyses in the ADAM object-oriented design environment. In Proceedings of the IFIP Working Group 11.3 Working Conference on Database Security. Elsevier North-Holland, Inc., Amsterdam, The Netherlands. Google Scholar
KUHN, D. R. 1997. Mutual exclusion as a means of implementing separation of duty requirements in role-based access control systems. In Proceedings of the 2nd ACM Workshop on Role-Based Access Control (Fairfax, VA, Nov. 6-7). ACM Press, New York, NY, 23-30. Google Scholar
LOCHOVSKY, F. H. AND Woo, C. C. 1988. Role-based security in data base management systems. In Database Security: Status and Prospects (Annapolis, MD, Oct. 1987), C. E. Landwehr, Ed. North-Holland Publishing Co., Amsterdam, The Netherlands, 209-222. Google Scholar
MOHAMMED, I. AND DILTS, D. 1994. Design for dynamic user-role-based security. Comput. Secur. 13, 8, 661-671. Google ScholarDigital Library
NYANCHAMA, M. 1994. Commercial integrity, roles and object orientation. Ph.D. Dissertation. University of Western Ontario, London, Canada. Google Scholar
NYANCHAMA, M. AND OSBORN, S. 1993. Role-based security, object oriented databases and separation of duty. SIGMOD Rec. 22, 4 (Dec. 1993), 45-51. Google ScholarDigital Library
NYANCHAMA, M. AND OSBORN, S. L. 1994. Access rights administration in role-based security systems. In Proceedings of the IFIP Working Group 11.3 Working Conference on Database Security. Elsevier North-Holland, Inc., Amsterdam, The Netherlands. Google Scholar
NYANCHAMA, M. AND OSBORN, S. L 1995. Modeling mandatory access control in role-based security systems. In Proceedings of the IFIP WG 11.3 Ninth Annual Working Conference on Database Security, D. Spooner, S. Demurjian, and J. Dobson, Eds. Chapman & Hall, London, UK. Google Scholar
OSBORN, S. 1997. Mandatory access control and role-based access control revisited. In Proceedings of the 2nd ACM Workshop on Role-Based Access Control (Fairfax, VA, Nov. 6-7). ACM Press, New York, NY, 31-40. Google ScholarDigital Library
OSBORN, S., REID, L., AND WESSON, G. 1996. On the interaction between role based access control and relational databases. In Proceedings of the Tenth Annual IFIP WG 11.3 Working Conference on Database Security (Aug.), P. Samarati and R. Sandhu, Eds. Chapman & Hall, London, UK. Google Scholar
RABITTI, F., BERTINO, E., KIM, W., AND WOELK, D. 1991. A model of authorization for next-generation database systems. ACM Trans. Database Syst. 16, 1 (Mar. 1991), 88-131. Google ScholarDigital Library
SANDHU, R. 1996. Role hierarchies and constraints for lattice-based access controls. In Proceedings of the Conference on Computer Security (ESORICS 96, Rome, Italy), E. Bertino, H. Kurth, G. Martella, and E. Montolivo, Eds. Springer-Verlag, New York, NY, 65-79. Google Scholar
SANDHU, R., COYNE, E., FEINSTEIN, H., AND YOUMAN, C. 1996. Role-based access control models. Computer 29, 38-47. Google ScholarDigital Library
SANDHU, R. S. 1988. Transaction control expressions for separation of duties. In Proceedings of the 4th Annual Conference on Computer Security Application (Orlando, FL, Dec.). 282-286.Google Scholar
SIMON, R. AND ZURKO, M. E. 1997. Separation of duty in role based access control environments. In Proceedings of the l Oth IEEE Workshop on Computer Security Foundations (Rockport, MA, June 10-12). IEEE Computer Society Press, Los Alamitos, CA, 183-194. Google Scholar
THOMAS, R. AND SANDHU, R. 1997. Task-based authorization controls (TBAC): Models for active and enterprise-oriented authorization management. In Database Security XI: Status and Prospects (Lake Tahoe, CA), T. Y. Lin and X. Qian, Eds. Chapman & Hall, London, UK, 136-151. Google Scholar
THOMSEN, D. 1991. Role-based application design and enforcement. In Database Security IV, Status and Prospects, S. Jajodia and C. Landwehr, Eds. Elsevier North-Holland, Inc., New York, NY, 151-168.Google Scholar
TING, T. 1988. A user-role based data security approach. In Database Security: Status and Prospects, C. Landwehr, Ed. Elsevier North-Holland, Inc., New York, NY, 187-208. Google Scholar
TING, T., DEMURJIAN, S., AND HU, M.-Y. 1992. Requirements, capabilities and functionalities of user-role based security for an object-oriented design model. In Database Security V, Status and Prospects, C. Landwehr and S. Jajodia, Eds. Elsevier North-Holland, Inc., New York, NY. Google Scholar
VON SOLMS, S. H. AND VAN DER MERVE, I. 1994. The management of computer security profiles using a role-oriented approach. Comput. Secur. 13, 8, 673-680. Google ScholarDigital Library

Index Terms

The role graph model and conflict of interest

Recommendations

Conflict of interest in the administrative role graph model
SDM'06: Proceedings of the Third VLDB international conference on Secure Data Management

The original role graph model for role-based access control assumed a centralized administrative model. Conflict of interest for the centralized model was previously discussed by Nyanchama and Osborn. More recently, a decentralized administrative model ...
Read More
Integrating role graphs: a tool for security integration
Data and applications security

Role-based access control provides a very flexible set of mechanisms for managing the access control of a complex system with many users, objects and applications. The role graph model of Nyanchama and Osborn is one example of how role administration ...
Read More
Fine-grained role graph model
Read More

Reviews

Reviewer: Jonathan K. Millen

A role graph is a straightforward, economical presentation of policies for the assignment of data access privileges to users in an enterprise. A role is just a set of privileges, and a privilege represents some particular mode of access to an object. Users or user groups can be authorized to roles. There is a pleasant figure showing how these definitions fit together and give rise to issues that other authors have dealt with, such as privilege inheritance and group inclusions. The role graph portrays, in a minimal way, the inclusion relation of roles and the privileges in each role that are not in any subordinate node. The authors provide some algorithms for updating the graph consistently in response to desired policy changes. The last part of the paper defines conflicting roles to have no common privileges and observes that it is easy to identify sets of nodes whose members are all nonconflicting. Algorithms are given for this, too. Overall, the paper has the settled, orderly feel of an introductory textbook.

Access critical reviews of Computing literature here

Become a reviewer for Computing Reviews.

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

Published in
ACM Transactions on Information and System Security Volume 2, Issue 1
Special issue on role-based access control
Feb. 1999
135 pages
ISSN:1094-9224
EISSN:1557-7406
DOI:10.1145/300830
Editor:
Ravi Sandhu
George Mason Univ., Fairfax, VA
Issue’s Table of Contents
Copyright © 1999 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 1 February 1999
Published in tissec Volume 2, Issue 1

Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
conflict of interest
role graphs
role-based security
Qualifiers
- article
Conference
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 228
  Total Citations
  View Citations
- 2,252
  Total Downloads
- Downloads (Last 12 months)106
- Downloads (Last 6 weeks)19
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

The role graph model and conflict of interest

ACM Transactions on Information and System Security

Abstract

References

Cited By

Index Terms

Recommendations

Conflict of interest in the administrative role graph model

Integrating role graphs: a tool for security integration

Fine-grained role graph model

Reviews

Access critical reviews of Computing literature here