Sylvia L. Osborn scite author profile

Access control models have traditionally included mandatory access control (or lattice-based access control) and discretionary access control. Subsequently, role-based access control has been introduced, along with claims that its mechanisms are general enough to simulate the traditional methods. In this paper we provide systematic constructions for various common forms of both of the traditional access control paradigms using the role-based access control (RBAC) models of Sandhu et al., commonly called RBAC96. We see that all of the features of the RBAC96 model are required, and that although for the manatory access control simulation, only one administrative role needs to be assumed, for the discretionary access control simulations, a complex set of administrative roles is required.

show abstract

The role graph model and conflict of interest

Nyanchama

Osborn

1999

ACM Trans. Inf. Syst. Secur.

233

179

View full text Add to dashboard Cite

We describe in more detail than before the reference model for role-based access control introduced by Nyanchama and Osborn, and the role-graph model with its accompanying algorithms, which is one way of implementing role-role relationships. An alternative role insertion algorithm is added, and it is shown how the role creation policies of Fernandez et al. correspond to role addition algorithms in our model. We then use our reference model to provide a taxonomy for kinds of conflict. We then go on to consider in some detail privilegeprivilege and role-role conflicts in conjunction with the role graph model. We show how role-role conflicts lead to a partitioning of the role graph into nonconflicting collections that can together be safely authorized to a given user. Finally, in an appendix, we present the role graph algorithms with additional logic to disallow roles that contain conflicting privileges.

show abstract

Current Research and Open Problems in Attribute-Based Access Control

2017

View full text Add to dashboard Cite

Attribute-based access control (ABAC) is a promising alternative to traditional models of access control (i.e., discretionary access control (DAC), mandatory access control (MAC), and role-based access control (RBAC)) that is drawing attention in both recent academic literature and industry application. However, formalization of a foundational model of ABAC and large scale adoption is still in its infancy. The relatively recent emergence of ABAC still leaves a number of problems unexplored. Issues like delegation, administration, auditability, scalability, hierarchical representations, and the like, have been largely ignored or left to future work. This article provides a basic introduction to ABAC and a comprehensive review of recent research efforts toward developing formal models of ABAC. A taxonomy of ABAC research is presented and used to categorize and evaluate surveyed articles. Open problems are identified based on the shortcomings of the reviewed works and potential solutions discussed.

show abstract

Candidate keys for relations

Lucchesi

Osborn

1978

Journal of Computer and System Sciences

125

View full text Add to dashboard Cite

HGABAC: Towards a Formal Model of Hierarchical Attribute-Based Access Control

Servos

Osborn

2015

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Sylvia L. Osborn

Configuring role-based access control to enforce mandatory and discretionary access control policies

The role graph model and conflict of interest

Current Research and Open Problems in Attribute-Based Access Control

Candidate keys for relations

HGABAC: Towards a Formal Model of Hierarchical Attribute-Based Access Control

Contact Info

Product

Resources

About