Owner-Based Role-Based Access Control OB-RBAC

M. Saffarian, Babak Sadighi

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

5 Citations (Scopus)
9 Downloads (Pure)


Administration of an access control model deals with the question of who is authorized to update policies defined on the basis of that model. One of the models whose administration has absorbed relatively large research is the Role-Based Access Control (RBAC) model. All the existing role-based administrative models fall into the category of administrator based decentralized approach. In such an approach, a group of administrators are given firstly, the authority of updating authorizations for operative roles and secondly, the authority of delegating the previous right to other lower-level administrators. However, in organizations with informal and flexible structure, like academic and research-oriented organizations such a sharp distinction between administrative roles and operative roles might not exist. Here, each role may take part in both operative and administrative decisions such that more mission-oriented decisions are made by senior roles and more specialized-level decisions are made by junior roles. In this paper, we study a new class of access control model called Owner-Based Role-Based Access Control (OB-RBAC) which is suitable for such environments. The OB-RBAC model utilizes the advantages of both Discretionary Access Control (DAC)and RBAC. In particular, the OB-RBAC model builds a policy model which not only fulfills the organizational restrictions but enjoys the flexible administration of the DAC model.
Original languageUndefined
Title of host publicationInternational Conference on Availability, Reliability, and Security (ARES)
Place of PublicationUSA
Number of pages6
ISBN (Print)978-1-4244-5879-0
Publication statusPublished - Feb 2010
Event5th International Conference on Availability, Reliability, and Security, ARES 2010: The International Dependability Conference - Andrzej Frycz Modrzewski Cracow College, Krakow, Poland
Duration: 15 Feb 201018 Feb 2010
Conference number: 5

Publication series

PublisherIEEE Computer Society


Conference5th International Conference on Availability, Reliability, and Security, ARES 2010
Abbreviated titleARES
Internet address


  • METIS-276443
  • EWI-20153
  • IR-77049

Cite this