Role usage and activation hierarchies best viewed in slide show mode
This presentation is the property of its rightful owner.
Sponsored Links
1 / 14

Role Usage and Activation Hierarchies (best viewed in slide show mode) PowerPoint PPT Presentation


  • 89 Views
  • Uploaded on
  • Presentation posted in: General

Role Usage and Activation Hierarchies (best viewed in slide show mode). Ravi Sandhu Laboratory for Information Security Technology George Mason University www.list.gmu.edu [email protected] Reference.

Download Presentation

Role Usage and Activation Hierarchies (best viewed in slide show mode)

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Role usage and activation hierarchies best viewed in slide show mode

Role Usage and Activation Hierarchies(best viewed in slide show mode)

Ravi Sandhu

Laboratory for Information Security Technology

George Mason University

www.list.gmu.edu

[email protected]


Reference

Reference

  • Ravi Sandhu, “Role Hierarchies and Constraints for Lattice-Based Access Controls.” Proc. Fourth European Symposium on Research in Computer Security, Rome, Italy, September 25-27, 1996, pages 65-79. Published as Lecture Notes in Computer Science, Computer Security-ESORICS96 (Elisa Bertino et al, editors), Springer-Verlag, 1996.

  • Ravi Sandhu, “Role Activation Hierarchies.” Proc. Third ACM Workshop on Role-Based Access Control, Fairfax, Virginia, October 22-23, 1998, pages 33-40.

  • Sylvia Osborn, Ravi Sandhu and Qamar Munawer. “Configuring Role-Based Access Control to Enforce Mandatory and Discretionary Access Control Policies.” ACM Transactions on Information and System Security, Volume 3, Number 2, May 2000, pages 85-106.


Role hierarchies

Role hierarchies

  • Two aspects

    • Role usage: permission inheritance

    • Role activation: activation hierarchy

  • RBAC96 combines both aspects in a single hierarchy

  • ANSI/NIST standard model leaves this open

    • Do one or both, just make it clear what you are doing


Example role hierarchy

Example Role Hierarchy


Lbac to rbac

LBAC to RBAC


Simple security property

Simple security property

  • some variations of LBAC use 2 labels for subjects

    • λr for read and λw for read

    • λr = λw for the single label case


Variations of property

Variations of *-property


Lbac to rbac independent read write hierarchies

LBAC to RBAC: independent read-write hierarchies


Lbac to rbac intertwined read write hierarchies

LBAC to RBAC: intertwined read-write hierarchies


Activation hierarchies and dynamic sod

Activation hierarchies and dynamic SOD


Formal definition

Formal definition


Activation hierarchy with non maximal roles

Activation hierarchy with non-maximal roles


Read write rbac and lbac

Read-write RBAC and LBAC


Lbac with trusted strict property

LBAC with trusted strict *-property


  • Login