Towards a Scalable Role and Organization Based Access Control Model with Decentralized Security Administration

Zhixiong Zhang, Xinwen Zhang, Ravi Sandhu
ISBN13: 9781605661322 | ISBN10: 1605661325 | EISBN13: 9781605661339
DOI: 10.4018/978-1-60566-132-2.ch006
MLA

Zhang, Zhixiong, et al. "Towards a Scalable Role and Organization Based Access Control Model with Decentralized Security Administration." Handbook of Research on Social and Organizational Liabilities in Information Security, edited by Manish Gupta and Raj Sharman, IGI Global, 2009, pp. 94-117. https://doi.org/10.4018/978-1-60566-132-2.ch006

APA

Zhang, Z., Zhang, X., & Sandhu, R. (2009). Towards a Scalable Role and Organization Based Access Control Model with Decentralized Security Administration. In M. Gupta & R. Sharman (Eds.), Handbook of Research on Social and Organizational Liabilities in Information Security (pp. 94-117). IGI Global. https://doi.org/10.4018/978-1-60566-132-2.ch006

Chicago

Zhang, Zhixiong, Xinwen Zhang, and Ravi Sandhu. "Towards a Scalable Role and Organization Based Access Control Model with Decentralized Security Administration." In Handbook of Research on Social and Organizational Liabilities in Information Security, edited by Manish Gupta and Raj Sharman, 94-117. Hershey, PA: IGI Global, 2009. https://doi.org/10.4018/978-1-60566-132-2.ch006

Abstract

This chapter addresses the problem that traditional role-based access control (RBAC) models do not scale up well for modeling security policies spanning multiple organizations. After reviewing recently proposed Role and Organization Based Access Control (ROBAC) models, an administrative ROBAC model called AROBAC07 is presented and formalized in this chapter. Two examples are used to motivate and demonstrate the usefulness of ROBAC. A comparison between AROBAC07 and other administrative RBAC models is given. We show that ROBAC/AROBAC07 can significantly reduce administration complexity for applications involving a large number of organizational units. Finally, an application compartment-based delegation model is introduced, which provides a method to construct an administrative role hierarchy in AROBAC07. We show that the AROBAC07 model provides convenient ways to decentralize administrative tasks for ROBAC systems and scales up well for role-based systems involving a large number of organizational units.
