Applying RBAC providing restricted permission inheritance to a corporate Web environment


Abstract

A successful marriage of Web and RBAC technology can support effective enterprise-wide security in large-scale systems. However, RBAC has a role hierarchy concept in which a senior role inherits all permissions of its junior roles. In corporate environments, a senior role need not have all the authority of its junior roles, and unconditional inheritance in the role hierarchy causes undesirable side effects (permission abuse) and violates the principle of least privilege. In this paper, we re-explore role and permission inheritance and propose a new model providing restricted permission inheritance. To do this, we divide a single role into sub-roles (Corporate/Department Common role, Restricted Inheritance role, Private role) based on the degree of inheritance and business characteristics, and build the role hierarchy from these sub-roles. This is very useful for solving the unconditional inheritance problem in a corporate environment. We also give a formal description of the proposed model. Lastly, we show a system architecture applying RBAC with the proposed model within a corporate web environment. © Springer-Verlag Berlin Heidelberg 2003.

Yi, Y. H., Kim, M. J., Lee, Y. L., Lee, H. H., & Noh, B. N. (2003). Applying RBAC providing restricted permission inheritance to a corporate Web environment. Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 2642, 287–292. https://doi.org/10.1007/3-540-36901-5_29
