2019
DOI: 10.3390/sym11050669
|View full text |Cite
|
Sign up to set email alerts
|

Permission-Based Separation of Duty in Dynamic Role-Based Access Control Model

Abstract: A major development in the field of access control is the dominant role-based access control (RBAC) scheme. The fascination of RBAC lies in its enhanced security along with the concept of roles. In addition, attribute-based access control (ABAC) is added to the access control models, which is famous for its dynamic behavior. Separation of duty (SOD) is used for enforcing least privilege concept in RBAC and ABAC. Moreover, SOD is a powerful tool that is used to protect an organization from internal security att… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

0
17
0

Year Published

2020
2020
2024
2024

Publication Types

Select...
5
3

Relationship

1
7

Authors

Journals

citations
Cited by 21 publications
(18 citation statements)
references
References 37 publications
0
17
0
Order By: Relevance
“…According to this work, the administrator starts creating attributed objects and actions with COI. There is no need to create the permissions one by one as well as by creating different containers, as the previous models do [18], [22], [56]. The system automatically creates the permissions by merging newly created actions with objects and creates all the possible permissions itself.…”
Section: Methodsmentioning
confidence: 99%
See 1 more Smart Citation
“…According to this work, the administrator starts creating attributed objects and actions with COI. There is no need to create the permissions one by one as well as by creating different containers, as the previous models do [18], [22], [56]. The system automatically creates the permissions by merging newly created actions with objects and creates all the possible permissions itself.…”
Section: Methodsmentioning
confidence: 99%
“…Even some of the authors proposed to create multiple permissions by creating different containers. In our opinion, those solutions are increasing the administrative load instead of decreasing [22], [56]. But the proposed model just initiates the permission creation process and the system will create all the possible permissions at once.…”
Section: E Conflict Of Interest In Hybrid Access Controlmentioning
confidence: 99%
“…ABAC first establishes the attribute set and describes the access control policy, and then responds to the access control request and updates the access control policy during execution [12]. RBAC guarantees flexible control and management of objects through a dual authority mapping mechanism, and provides inter-domain role mapping and constraint verification methods in cross-entity access control of CPS [15], [16]. When constructing attribute set and permission mapping, usually use role engineering or attribute engineering topdown or bottom-up method to mine roles or attributes to further authorize users.…”
Section: W(e[i])mentioning
confidence: 99%
“…The separation of duty (SOD) policies is a typical policy used to ensure safety [19]. It prevent a set of users less than a certain threshold from being fully authorized to perform sensitive tasks [15], [16], [20]. Excessive pursuit of system safety may lead to unavailability of the system.…”
Section: W(e[i])mentioning
confidence: 99%
“…The access control models can be divided into 5 categories: the discretionary access control (DAC) [5], the mandatory access control (MAC) [6], the role-based access control (RBAC) [7][8][9], the attribute-based access control (ABAC) [10], the policy-based access control (PBAC) [11,12]. Various data security algorithms are used to improve the security of the access control model.…”
Section: Introductionmentioning
confidence: 99%