Skip to main content
Conference ProceedingsOPEN ACCESS

Evaluating the risk of adopting RBAC roles

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (2010) 6166 LNCS 303-310
DOI: 10.1007/978-3-642-13739-6_21
3Citations
Citations of this article
8Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

We propose a framework to evaluate the risk incurred when managing users and permissions through RBAC. The risk analysis framework does not require roles to be defined, thus making it applicable before the role engineering phase. In particular, the proposed approach highlights users and permissions that markedly deviate from others, and that might consequently be prone to error when roles are operating. By focusing on such users and permissions during the role definition process, it is possible to mitigate the risk of unauthorized accesses and role misuse. © 2010 IFIP International Federation for Information Processing.

Cite

CITATION STYLE

APA

Colantonio, A., Di Pietro, R., Ocello, A., & Verde, N. V. (2010). Evaluating the risk of adopting RBAC roles. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 6166 LNCS, pp. 303–310). https://doi.org/10.1007/978-3-642-13739-6_21

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free