Trust-aware RBAC
Chapter, Peer reviewed
Permanent lenke
http://hdl.handle.net/11250/137956Utgivelsesdato
2012Metadata
Vis full innførselOriginalversjon
Oleshchuk, V. (2012). Trust-aware RBAC. In I. Kotenko & V. Skormin (Eds.), Computer Network Security (Vol. 7531, pp. 97-107): Springer.Sammendrag
In this paper we propose a trust-aware enhancement of RBAC (TA-RBAC) that takes trustworthiness of users into consideration explicitly before granting access. We assume that each role in the framework is associated with an expression that describe trustworthiness of subjects required to be able to activate the role, and each subject (user) has assigned trustworthiness level in the system. By adding trustworthiness constraints to roles we enhance system, for example, with more flexible ability to delegate roles, to control reading/updating of objects by denying such operations to those subjects that violate trustworthiness requirements.
Beskrivelse
Published version of a chapter in the book: Computer Network Security. Also available from the publisher at: http://dx.doi.org/10.1007/978-3-642-33704-8_9