Abstract
Secure and effective access control is critical to sensitive organizations, especially when multiple organizations are working together using diverse systems. To alleviate the confusion and challenges of redundancy in such a large, complex organization, in this paper we introduce a composite role-based access control (RBAC) approach, by separating the organizational and system role structures and by providing the mapping between them. This allows for the explicit identification and separation of organizational and target-system roles, role hierarchies, role assignments, constraints, and role activations, with an attempt to bridge the gap between the organizational and system role structures. The composite RBAC approach supports scalable and reusable RBAC mechanisms for large, complex organizations. Our research explores the newly created Department of Homeland Security (DHS) as a large, complex organization in which the Composite RBAC can be applied.
Original language | English (US) |
---|---|
Pages | 163-172 |
Number of pages | 10 |
DOIs | |
State | Published - 2004 |
Event | Proceedings on the Ninth ACM Symposium on Access Control Models and Technologies, SACMAT 2004 - Yorktown Heights, NY, United States Duration: Jun 2 2004 → Jun 4 2004 |
Other
Other | Proceedings on the Ninth ACM Symposium on Access Control Models and Technologies, SACMAT 2004 |
---|---|
Country/Territory | United States |
City | Yorktown Heights, NY |
Period | 6/2/04 → 6/4/04 |
Keywords
- RBAC
- Role mappings
- Role structures
- Role-based access control
ASJC Scopus subject areas
- General Computer Science