{"title":"基于可伸缩角色和组织的访问控制模型","authors":"Zhixiong Zhang, Xinwen Zhang, R. Sandhu","doi":"10.1109/COLCOM.2006.361879","DOIUrl":null,"url":null,"abstract":"In RBAC, roles are typically created based on job functions inside an organization. Traditional RBAC does not scale up well for modeling security policies spanning multiple organizations. To solve this problem, a family of extended RBAC models called role and organization based access control (ROBAC) models is proposed and formalized in this paper. Two examples are used to motivate and demonstrate the usefulness of ROBAC. Comparison between ROBAC and other related RBAC models is given. We show that ROBAC can significantly reduce administration complexity for Web and Internet-based applications involving a large number of organizations. Some administrative issues for ROBAC are identified and discussed. Although the theoretical-expressive power of ROBAC is the same as that of RBAC, it is more succinct and intuitive to use ROBAC than to use RBAC when applications involve many organizations","PeriodicalId":315775,"journal":{"name":"2006 International Conference on Collaborative Computing: Networking, Applications and Worksharing","volume":"13 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2006-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"30","resultStr":"{\"title\":\"ROBAC: Scalable Role and Organization Based Access Control Models\",\"authors\":\"Zhixiong Zhang, Xinwen Zhang, R. Sandhu\",\"doi\":\"10.1109/COLCOM.2006.361879\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In RBAC, roles are typically created based on job functions inside an organization. Traditional RBAC does not scale up well for modeling security policies spanning multiple organizations. To solve this problem, a family of extended RBAC models called role and organization based access control (ROBAC) models is proposed and formalized in this paper. Two examples are used to motivate and demonstrate the usefulness of ROBAC. Comparison between ROBAC and other related RBAC models is given. We show that ROBAC can significantly reduce administration complexity for Web and Internet-based applications involving a large number of organizations. Some administrative issues for ROBAC are identified and discussed. Although the theoretical-expressive power of ROBAC is the same as that of RBAC, it is more succinct and intuitive to use ROBAC than to use RBAC when applications involve many organizations\",\"PeriodicalId\":315775,\"journal\":{\"name\":\"2006 International Conference on Collaborative Computing: Networking, Applications and Worksharing\",\"volume\":\"13 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2006-11-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"30\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2006 International Conference on Collaborative Computing: Networking, Applications and Worksharing\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/COLCOM.2006.361879\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2006 International Conference on Collaborative Computing: Networking, Applications and Worksharing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/COLCOM.2006.361879","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
ROBAC: Scalable Role and Organization Based Access Control Models
In RBAC, roles are typically created based on job functions inside an organization. Traditional RBAC does not scale up well for modeling security policies spanning multiple organizations. To solve this problem, a family of extended RBAC models called role and organization based access control (ROBAC) models is proposed and formalized in this paper. Two examples are used to motivate and demonstrate the usefulness of ROBAC. Comparison between ROBAC and other related RBAC models is given. We show that ROBAC can significantly reduce administration complexity for Web and Internet-based applications involving a large number of organizations. Some administrative issues for ROBAC are identified and discussed. Although the theoretical-expressive power of ROBAC is the same as that of RBAC, it is more succinct and intuitive to use ROBAC than to use RBAC when applications involve many organizations
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
