Despite a large body of literature on the administration of RBAC policies in centralized systems, the problem of the administration of a distributed system has hardly been addressed. We present a formal system for modelling a distributed RBAC system and its administration. We define two basic requirements for distributed RBAC systems, based on safety and availability. We present a transition-system modelling the actual implementation of administrative commands and we show that it preserves those requirements. We also indicate how the system can be used as a basis for a practical implementation.
|Name||CTIT Technical Report Series|
|Publisher||Centre for Telematics and Information Technology, University of Twente|