Towards a Scalable Role and Organization Based Access Control Model with Decentralized Security Administration
Zhixiong Zhang (The College Board, USA), Xinwen Zhang (Samsung Information System America, USA) and Ravi Sandhu (University of Texas at San Antonio, USA & TriCipher Inc., USA)
Copyright: © 2009
This chapter addresses the problem that traditional role-base access control (RBAC) models do not scale up well for modeling security policies spanning multiple organizations. After reviewing recently proposed Role and Organization Based Access Control (ROBAC) models, an administrative ROBAC model called AROBAC07 is presented and formalized in this chapter. Two examples are used to motivate and demonstrate the usefulness of ROBAC. Comparison between AROBAC07 and other administrative RBAC models are given. We show that ROBAC/AROBAC07 can significantly reduce administration complexity for applications involving a large number of organizational units. Finally, an application compartment-based delegation model is introduced, which provides a method to construct administrative role hierarchy in AROBAC07. We show that the AROBAC07 model provides convenient ways to decentralize administrative tasks for ROBAC systems and scales up well for role-based systems involving a large number of organizational units.
ANSI RBAC reference model includes core RBAC (no role hierarchy), hierarchy RBAC (has role hierarchy), and constrained RBAC (has Separation of Duty constraints). Figure 1 shows a classic (standard) RBAC which is based on the well-known RBAC96 and permission definition from ANSI RBAC.
Key Terms in this Chapter
Permissible Administrative Organization Set (PAOSET): A paoset of an organization is a set of organizations in which the greatest administrative role (gar) in the organization can modify the organization hierarchy.
Administrative ROBAC: Refers to approaches of controlling administrative tasks in ROBAC. It usually provides ways to control the following major administrative tasks: assigning users to role-organization pairs, assigning permissions to roles, managing roles and role hierarchy, managing organizations and organization hierarchy, and managing role and organization association.
Role and Organization Based Access Control (ROBAC): An extension of RBAC. In ROBAC, access is based on user’s roles and the indirect association between users and system resources via organizations.
Role-Based Access Control (RBAC): A method to restrict user’s access to system resources based on the user’s roles. In RBAC, roles are defined based on job functions, permissions are associated with roles, and users are made members of appropriate roles, thereby acquiring the roles’ permissions.
Application Compartment (ACom): An ACom of an application is a subset of a ROBAC where only the users, permissions, roles, and organizations applicable to the application are included.
Permission Prerequisite Condition (PPC): A condition a permission needs to be met before the permission can be assigned to roles.
Permissible Administrative Role Set (PARSET): A parset of an administrative role is a set of regular roles in which the administrative role can modify the regular role hierarchy.
Administrative RBAC: Refers to approaches of controlling administrative tasks in RBAC. It usually provides ways to control the following major administrative tasks: assigning users to roles (user to role assignment), assigning permissions to roles (permission to role assignment), and adjusting role hierarchy (role to role assignment).
User Prerequisite Condition (UPC): A condition a user needs to be met before the user can be assigned to roles or role-organization pairs.
Complete Chapter List
Manish Gupta, Raj Sharman
C. Warren Axelrod
Ahmed Awad E. Ahmed
Arunabha Mukhopadhyay, Samir Chatterjee, Debashis Saha, Ambuj Mahanti, Samir K. Sadhukhan
Zhixiong Zhang, Xinwen Zhang, Ravi Sandhu
Madhusudhanan Chandrasekaran, Shambhu Upadhyaya
Ghita Kouadri Mostefaoui, Patrick Brézillon
Douglas P. Twitchell
James W. Ragucci, Stefan A. Robila
Nick Pullman, Kevin Streff
E. Kritzinger, S.H von Solms
Donald Murphy, Manish Gupta, H.R. Rao
Sérgio Tenreiro de Magalhães, Kenneth Revett, Henrique M.D. Santos, Leonel Duarte dos Santos, André Oliveira, César Ariza
Carsten Röcker, Carsten Magerkurth, Steve Hinske
Yuko Murayama, Carl Hauser, Natsuko Hikage, Basabi Chakraborty