Hybrid Role and Attribute Based Access Control Applied in Information Systems-Reference-Cited by-同舟云学术

Hybrid Role and Attribute Based Access Control Applied in Information Systems

Published:2021-09-01 Issue:3 Volume:21 Page:85-96
ISSN:1314-4081
Container-title:Cybernetics and Information Technologies
language:en
Short-container-title:

Author:

Penelova Maria¹

Affiliation:

1. Institute of Information and Communication Technologies, Bulgarian Academy of Sciences , 1113 Sofia , Bulgaria

Abstract

Abstract It this paper it is proposed a new access control model – Hybrid Role and Attribute Based Access Control (HRABAC). It is an extension of Role-Based Access Control (RBAC). HRABAC is designed for information systems and enterprise software and combines the advantages of RBAC and Attribute-Based Access Control (ABAC). HRABAC is easy configurable, fine-grained and supports role hierarchies. The proposed model HRABAC describes the access control scheme in Laravel package laravelroles/rolespermissions, which is developed by the author of the paper, as an answer to the requirements of practice of fine-grained and easy configurable access control solution. Laravel is chosen, because it is the most popular and the most widely used PHP framework. The package laravelroles/rolespermissions is developed on Laravel so that maximum number of programmers could use it. This package contains working and tested functionalities for managing users, roles and permissions, and it is applied in accounting information system.

Publisher

Walter de Gruyter GmbH

Subject

General Computer Science

Link

https://www.sciendo.com/pdf/10.2478/cait-2021-0031

Reference29 articles.

1. 1.Kuhn, D. R., E. J. Coyne, T. R. Weil. Adding Attributes to Role-Based Access Control – IEEE Computer, Vol. 43, 2010, No 6, pp. 79-81.10.1109/MC.2010.155

2. 2. Ferraiolo, D. F., D. R. Kuhn, R. Chandramouli. Role-Based Access Control. Second Edition. Artech House, 2007.

3. 3. Ferraiolo, D. F., R. Sandhu, S. Gavrila, D. R. Kuhn, R. Chandramouli. Proposed NIST Standard for Role-Based Access Control. – ACM Transactions on Information and System Security, Vol. 4, August 2001, No 3, pp. 224-274.10.1145/501978.501980

4. 4. Sandhu, R., E. Coyne, H. Feinstein, C. Youman. Role-Based Access Control Models – IEEE Computer, Vol. 29, February 1996, No 2, pp. 38-47.10.1109/2.485845

5. 5. Hu, V. C., D. Ferrariolo, R. Kuhn, A. Schnitzer, K. Sandlin, R. Miller, S. Karen. Guide to Attribute Based Access Control (ABAC) Definitions and Considerations – In: NIST Special Publication 800-162, SIN’13, 2014.10.6028/NIST.SP.800-162

Cited by 2 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. A Comparative Study of Access Control Models for Ubiquitous Computing Systems;Proceedings of the 5th International Conference on Information Management & Machine Intelligence;2023-11-23

2. A New Attribute-Based Access Control Model for RDBMS;Cybernetics and Information Technologies;2022-11-01