Implicit Authorization Analysis of Role-Based Administrative Model
DOI:
Author:
Affiliation:

Clc Number:

Fund Project:

  • Article
  • |
  • Figures
  • |
  • Metrics
  • |
  • Reference
  • |
  • Related
  • |
  • Cited by
  • |
  • Materials
  • |
  • Comments
    Abstract:

    Role-Based administrative models have been discussed for decentralized management in large RBAC (role-based access control) systems. The latest UARBAC model has significant advantages over other models. Dueto hierarchy relationships, administrative operations of UARBAC implicate permissions. By analyzing implicitauthorization, two flaws in definition and an implemental flaw in UARBAC are found, including being unable tocreate object, dangling reference and not supporting the least authorization. The paper corrects definitions ofadministrative operations for the former two. The least authorization in UARBAC is defined as the minimal rolematch problem. The paper proves the problem is NP-hard and gives a feasible algorithm based on greedy. The method will help the administrator use appropriate operations to achieve the least role assignment.

    Reference
    Related
    Cited by
Get Citation

刘伟,蔡嘉勇,贺也平.基于角色的管理模型隐式授权分析.软件学报,2009,20(4):1048-1057

Copy
Share
Article Metrics
  • Abstract:
  • PDF:
  • HTML:
  • Cited by:
History
  • Received:September 18,2007
  • Revised:February 01,2008
  • Adopted:
  • Online:
  • Published:
You are the firstVisitors
Copyright: Institute of Software, Chinese Academy of Sciences Beijing ICP No. 05046678-4
Address:4# South Fourth Street, Zhong Guan Cun, Beijing 100190,Postal Code:100190
Phone:010-62562563 Fax:010-62562533 Email:jos@iscas.ac.cn
Technical Support:Beijing Qinyun Technology Development Co., Ltd.

Beijing Public Network Security No. 11040202500063