Wolfgang Essmayr, Elisabeth Kapsammer, A Min Tjoa, Roland Wagner,
"Using Role-Templates for Handling Recurring Role Structures"
: Database Security XII: Status and Prospects. 12th IFIP WG 11.3 Conference on Database Security, Chalkidiki, Greece, 7-1998, ISBN: 0-7923-8488-1, Wolfgang Essmayr, Elisabeth Kapsammer, Roland Wagner, A Min Tjoa: Using Role-Templates for Handling Recurring Role Structures, Database Security XII: Status and Prospects (Ed. Jajodia), Kluwer Academic Publishers, [ISBN 0-7923-8488-1], 12th IFIP WG 11.3 Conference on Database Security, Chalkidiki, Greece, July 15-17, 1998
Original Titel:
Using Role-Templates for Handling Recurring Role Structures
Sprache des Titels:
Englisch
Original Buchtitel:
Database Security XII: Status and Prospects. 12th IFIP WG 11.3 Conference on Database Security, Chalkidiki, Greece
Original Kurzfassung:
Role-based access controls (RBAC) have been proposed as a design and implementation approach to discretionary access controls (DAC) more apt to the requirements of commercial enterprise environments. As advantages can be mentioned centralized security administration, separation of duty and least privilege properties. However, the nature of enterprises often entails recurring sub-structures like departments, projects etc. that cannot yet be handled adequately by the available concepts for role-hierarchies. Therefore, we propose an additional mechanism for administrating role-hierarchies called role-templates. This mechanism allows to specify a generic sub-hierarchy (e.g. a department role-hierarchy) that may be instantiated for each department of the enterprise resulting in an automatically generated, concrete role-hierarchy for the particular department. Furthermore, role-templates may be specialized and have aggregations and associations to other templates making the concept more flexible and semantically expressive. The proposed ideas will be implemented as a prototype within OASIS (Open Architecture Security for Information Systems) dealing with enterprise-wide security, which demands highly configurable access controls for multiple heterogeneous information systems
Sprache der Kurzfassung:
Englisch
Erscheinungsmonat:
7
Erscheinungsjahr:
1998
Notiz zum Zitat:
Wolfgang Essmayr, Elisabeth Kapsammer, Roland Wagner, A Min Tjoa: Using Role-Templates for Handling Recurring Role Structures, Database Security XII: Status and Prospects (Ed. Jajodia), Kluwer Academic Publishers, [ISBN 0-7923-8488-1], 12th IFIP WG 11.3 Conference on Database Security, Chalkidiki, Greece, July 15-17, 1998