RBAC administration in distributed systems

M.A.C. Dekker, J. Crampton, Sandro Etalle

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    17 Citations (Scopus)

    Abstract

    Large and distributed access control systems are increasingly common, for example in health care. In such settings, access control policies may become very complex, thus complicating correct and efficient adminstration of the access control system. Despite being one of the most widely used access control standards, RBAC does not include an administration model for distributed systems. In this paper we fill this gap. We present a model for the administration of RBAC in a distributed system and propose an administration procedure supporting the principle that different systems protect different sets of objects. We demonstrate that our procedure fulfills the formal requirements deriving from safety and availability, and we show how it can be translated to a practical implementation. Finally, we show how our model can be extended with multiple decentralized administrative systems.
    Original languageUndefined
    Title of host publicationProceedings of the 13th ACM symposium on Access control models and technologies
    EditorsN. Li
    Place of PublicationNew York
    PublisherAssociation for Computing Machinery
    Pages93-102
    Number of pages10
    ISBN (Print)978-1-60558-129-3
    DOIs
    Publication statusPublished - Jun 2008
    Event13th ACM symposium on Access control models and technologies - Estes Park, Colorado, USA
    Duration: 11 Jun 200813 Jun 2008

    Publication series

    Name
    PublisherACM
    Number302

    Conference

    Conference13th ACM symposium on Access control models and technologies
    Period11/06/0813/06/08
    Other11-13 June 2008

    Keywords

    • CR-D.4.6
    • CR-K.6.5
    • IR-62367
    • EWI-12936
    • METIS-251035
    • SCS-Cybersecurity

    Cite this