Jean-Marie Kabasele-Tenday, J. Quisquater, Marc Lobelle
{"title":"Deriving a role-based access control model from the OBBAC model","authors":"Jean-Marie Kabasele-Tenday, J. Quisquater, Marc Lobelle","doi":"10.1109/ENABL.1999.805190","DOIUrl":null,"url":null,"abstract":"The object-based access control model (OBBAC), a conceptual access control model, has been proposed to deal with the high-level specification of a security policy in an object-oriented environment. This model is based on the notion of security labels which, however, are associated to operations rather than to objects as in the classic label-based access control models. It was used to specify the security policy of a distance learning system. The key issue that has arisen from the OBBAC model is the handling of security labels during the application development. The goal of the paper is to prove that there exists a mapping from an OBBAC model to a role-based access control model (RBAC) which can be used to specify the system security policy.","PeriodicalId":287840,"journal":{"name":"Proceedings. IEEE 8th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE'99)","volume":"113 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1999-06-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings. IEEE 8th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE'99)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ENABL.1999.805190","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 5
Abstract
The object-based access control model (OBBAC), a conceptual access control model, has been proposed to deal with the high-level specification of a security policy in an object-oriented environment. This model is based on the notion of security labels which, however, are associated to operations rather than to objects as in the classic label-based access control models. It was used to specify the security policy of a distance learning system. The key issue that has arisen from the OBBAC model is the handling of security labels during the application development. The goal of the paper is to prove that there exists a mapping from an OBBAC model to a role-based access control model (RBAC) which can be used to specify the system security policy.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
