M. Nyanchama and S. L. Osborn. The role graph model and conflict of interest. ACM TISSEC, 2(1):3-33, 1999.
....closely integrated with an active, event based middleware infrastructure. In this way we can notify applications of any change in their environment, making it possible to ensure that security policy is satisfied at all times. OASIS is role based but has important differences from other RBAC schemes [3, 4, 5, 6, 7, 8, 11, 12, 13, 14, 15, 16]: Roles are service specific; there is no notion of globally centralised administration of role naming and privilege management. Roles may be parametrised, as required by applications. Roles are activated within sessions. A session is started by activating an initial role such as logged ....
M. Nyanchama and S. Osborn. The role graph model and conflict of interest. ACM Transactions on Information and System Security, 2(1):3-33, Feb 1999.
....that role. Note that the appointing role is in no sense delegating; a clerk in a hospital registry will not be medically qualified. Security policies in real life often involve constraints such as separation of duties. Several types of constraint have been identified and discussed in the literature [20, 13, 21, 17]. In our model, constraints may be associated with role activation rules, see definition 4 in section 4.1; in future work we plan to specify role constraints at the organisational level, for example, an account clerk cannot simultaneously be a billing clerk. We describe a possible implementation ....
....RP describes the role privilege relationship. It is a many-to-many relation specified by the security administrators of an organisation to express security policies. We distinguish two sets of privileges for a role by the terms direct and effective. Our definitions are different from those given in [17], where direct and effective privileges are defined with role hierarchy in mind. The direct privilege set of a role $r \in R$ is the set of privileges assigned to r directly, i.e. $DP(r) = \{p \mid (r, p) \in RP\}$. The effective privilege set of a role r is the set of privileges that a user who is active in r ....
M. Nyanchama and S. Osborn. The role graph model and conflict of interest. ACM Transactions on Information and System Security, 2(1):3-33, Feb 1999.
....roles are decentralized, and a comparison of several possible solutions. In particular, this paper focuses on the issue of (decentralized) administration of user role assignment and revocation in the RBAC model; the administration of permission role assignment and revocation, discussed in [NO99] for the case of one administrator, is not explicitly treated here, but can be described in a similar way. The comparison of different AC policies within the graph grammar formalism and the analysis of the system behavior in combining different AC policies are the subject of another paper [KMPP00] ....
....the range of an administrator by a set of edges pointing to the roles the administrator is responsible for. By replacing the interval definition of a range in [SBM99] by a set definition, the deletion of a boundary role does not destroy the range of an administrator. Comparing our model with [NO99], the algorithms presented there deal with the centralized administration of privileges (permissions) and roles. By explicitly introducing permission nodes, we could specify their model. For example, the deletion of a role while retaining its privileges could require the redirection of the edges ....
[Article contains additional citation context not shown here]
M. Nyanchama and S.L. Osborne. The Role Graph Model and Conflict of Interest. ACM Trans. of Info. and System Security, 2(1):3-33, 1999.
....can change dynamically. Indeed the identity of the principal and the roles held can be thought of as constituting a protection domain [6] Proponents of role based access control also argue that a formal representation of roles can significantly improve the management of access control policies [9, 2, 11]. The concept that a principal should hold access control rights dates from the development of capabilities [10] The key problem with roles or capabilities when compared with access control lists is the management of the distributed representation of access control rights. To date there have ....
Matunda Nyanchama and Sylvia Osborn. The role graph model and conflict of interest. ACM Transactions on Information and System Security, 2(1):3-33, Feb 1999.
No context found.
M. Nyanchama and S. L. Osborn. The role graph model and conflict of interest. ACM TISSEC, 2(1):3-33, 1999.
No context found.
M. Nyanchama and S. L. Osborn. The role graph model and conflict of interest. ACM TISSEC, 2(1):3-33, 1999.
....been referred to as three planes. On the user group plane, we look at set of users (which we call groups) and the relationships between them [4] On the role plane, we consider the role hierarchy (which we call the role graph) and its algorithms which permit various operations on the role graph [3]. On the privileges plane, we consider privileges, which are (object, operation) or (object, access mode) pairs. In these previous papers, it has always been assumed that when a privilege p is added to a role, any privileges implied by p are also added to the role. In this paper, we will present ....
....et al. model has both negative and positive permission, and strong and weak permissions. Our model does not have negative permissions, as we prefer to deal with these situations using constraints. We also do not have strong and weak permissions. 3. The Role Graph Model The role graph model [2 3] models the role role relationship with an acyclic, directed graph in which the nodes represent roles, and the directed edges represent the is junior relationship. Roles are represented by a pair (rname, pset) where rname is a unique role name, and pset is the set of privileges assigned to the ....
[Article contains additional citation context not shown here]
M. Nyanchama and S. L. Osborn. The role graph model and conflict of interest. ACM TISSEC, 2(1):3-33, 1999.
....a role can have many permissions, and the same permission can be assigned to many roles. There is a partially ordered role hierarchy RH, also written as , where x y signifies that role x inherits the permissions assigned to role y. In the work of Nyanchama and Osborn [Nyanchama and Osborn 1994; Nyanchama and Osborn 1999; Nyanchama and Osborn 1996] the role hierarchy is presented as an acyclic directed graph, and direct relationships in the role hierarchy are referred to as edges. Inheritance along the role hierarchy is transitive; multiple inheritance is allowed in partial orders. Figure 1 shows a set of ....
Nyanchama, M. and Osborn, S. L. 1999. The role graph model and conflict of interest. ACM TISSEC 2, 1, 3-33.
No context found.
M. Nyanchama and S. Osborn. The role graph model and conflict of interest. ACM Transactions on Information and System Security, 2(1):3-33, 1999.