RBAC administration in distributed systems

M.A.C. Dekker, J. Crampton, S. Etalle

Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

13 Citations (Scopus)

Abstract

Large and distributed access control systems are increasingly common, for example in health care. In such settings, access control policies may become very complex, thus complicating correct and efficient adminstration of the access control system. Despite being one of the most widely used access control standards, RBAC does not include an administration model for distributed systems. In this paper we fill this gap. We present a model for the administration of RBAC in a distributed system and propose an administration procedure supporting the principle that different systems protect different sets of objects. We demonstrate that our procedure fulfills the formal requirements deriving from safety and availability, and we show how it can be translated to a practical implementation. Finally, we show how our model can be extended with multiple decentralized administrative systems.
Original languageEnglish
Title of host publicationSACMAT 2008 (13th ACM Symposium on Access Control Models and Technologies, Estes Park, CO, USA, June 11-13, 2008, Proceedings)
EditorsI. Ray, N. Li
Place of PublicationNew York
PublisherAssociation for Computing Machinery, Inc
Pages93-102
ISBN (Print)978-1-60558-129-3
DOIs
Publication statusPublished - 2008

Fingerprint Dive into the research topics of 'RBAC administration in distributed systems'. Together they form a unique fingerprint.

  • Cite this

    Dekker, M. A. C., Crampton, J., & Etalle, S. (2008). RBAC administration in distributed systems. In I. Ray, & N. Li (Eds.), SACMAT 2008 (13th ACM Symposium on Access Control Models and Technologies, Estes Park, CO, USA, June 11-13, 2008, Proceedings) (pp. 93-102). Association for Computing Machinery, Inc. https://doi.org/10.1145/1377836.1377852