Decentralized user-role assignment for Web-based Intranets

Ravi Sandhu, Joon S. Park

Research output: Contribution to conferencePaperpeer-review

23 Scopus citations


The intricacy of security administration is one of the most challenging problems in large networked systems. This problem is especially serious in the Web environment, which consists of synthesis of technologies and composition of various constituents. Role-Based Access Control (RBAC) can reduce the complexity and cost of security administration in large networked applications. Using RBAC itself to manage RBAC provides additional administrative convenience. The main contribution of this paper is to extend the RBAC/Web system (developed at NIST) with the URA97 model for user-role assignment (developed at GMU) to decentralize the details of RBAC administration on the Web without losing central control over the system policy.

Original languageEnglish (US)
Number of pages12
StatePublished - 1998
Externally publishedYes
EventProceedings of the 1998 3rd ACM Workshop on Role-Based Access Control - Fairfax, VA, USA
Duration: Oct 22 1998Oct 23 1998


OtherProceedings of the 1998 3rd ACM Workshop on Role-Based Access Control
CityFairfax, VA, USA

ASJC Scopus subject areas

  • General Computer Science


Dive into the research topics of 'Decentralized user-role assignment for Web-based Intranets'. Together they form a unique fingerprint.

Cite this