RBAC administration in distributed systems

M.A.C. Dekker, J. Crampton, Sandro Etalle

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    18 Citations (Scopus)
    16 Downloads (Pure)


    Large and distributed access control systems are increasingly common, for example in health care. In such settings, access control policies may become very complex, thus complicating correct and efficient adminstration of the access control system. Despite being one of the most widely used access control standards, RBAC does not include an administration model for distributed systems. In this paper we fill this gap. We present a model for the administration of RBAC in a distributed system and propose an administration procedure supporting the principle that different systems protect different sets of objects. We demonstrate that our procedure fulfills the formal requirements deriving from safety and availability, and we show how it can be translated to a practical implementation. Finally, we show how our model can be extended with multiple decentralized administrative systems.
    Original languageUndefined
    Title of host publicationProceedings of the 13th ACM symposium on Access control models and technologies
    EditorsN. Li
    Place of PublicationNew York
    PublisherAssociation for Computing Machinery
    Number of pages10
    ISBN (Print)978-1-60558-129-3
    Publication statusPublished - Jun 2008
    Event13th ACM symposium on Access control models and technologies - Estes Park, Colorado, USA
    Duration: 11 Jun 200813 Jun 2008

    Publication series



    Conference13th ACM symposium on Access control models and technologies
    Other11-13 June 2008


    • CR-D.4.6
    • CR-K.6.5
    • IR-62367
    • EWI-12936
    • METIS-251035
    • SCS-Cybersecurity

    Cite this