Affiliation:
1. University of Campinas, Brazil
Abstract
This chapter presents R+DRC, an extension of the Role-based Access Control (RBAC) model. R+DRC allow for defining constraints, for example to enforce different forms of separation of duties, and the right of overriding a constraint. The model also defines delegations, and two forms of revocations. The model is discussed within the framework of modeling the access control of an hospital. Algorithms are provided for the more complex actions.
Reference34 articles.
1. Ahn, G.-J., & Sandhu, R. S. (1999). The RSL99 language for role-based separation of duty constraints. In Proceedings of the 4th ACM Workshop on Role-Based Access Control, (pp. 43–54).
2. ANS. (2004). Role based access control. ANSI/INCITS 359.
3. A model of OASIS role-based access control and its support for active security
4. Bandmann, O. L., Firozabadi, B. S., & Dam, M. (2002). Constrained delegation. In IEEE Symposium on Security and Privacy, (pp. 131–142).
5. Barka, E. S., & Sandhu, R. (2000a). Framework for role-based delegation models. In 16th Annual Computer Security Applications Conference. Retrieved from http://www.acsac.org/2000/abstracts/34.html