A Time Constraints Permission Based Delegation Model in RBAC

  • Journal of The Korea Society of Computer and Information
  • Abbr : JKSCI
  • 2010, 15(11), pp.163-171
  • Publisher : The Korean Society Of Computer And Information
  • Research Area : Engineering > Computer Science

김태식 1 장태무 1

1 Dongguk University

Accredited

ABSTRACT

RBAC (Role-Based Access Control) has advantages in managing access control because it offers role inheritance and separation of duty in role hierarchy structures. Delegation is a mechanism for assigning access rights to a user. The RBDM0 and RDM2000 models deal with user-to-user delegation, and the unit of delegation in them is a role. However, RBAC does not effectively handle the delegation of roles or permissions, which occurs frequently in the real world. This paper proposes a Time Constraints Permission-Based Delegation Model (TCPBDM) that guarantees permanency of delegated permissions and does not violate the security principles of least privilege and separation of duty. TCPBDM, based on the well-known RBAC96, supports both user-to-user and role-to-role delegation with time constraints. A delegator can give a permission to a specific person, the delegatee, and the permission can be withdrawn whenever the delegator wants. The model is analyzed and shown to be effective in this paper.
