TY - GEN
T1 - On the Increasing Importance of Constraints
AU - Jaeger, Trent
N1 - Publisher Copyright:
© 1999 ACM.
PY - 1999
Y1 - 1999
N2 - In this paper, we examine how the addition of role-based access control (RBAC) model features affect the complexity of the RBAC constraint models. Constraints are used in RBAC models to constrain the assignment of permissions and principals to roles (among other things). Historically, it was assumed that the role assignments would change rather infrequently, so only a few constraints were necessary. Given new RBAC features, such as context-sensitive roles, the complexity of the restrictions that can be required is increasing because the role definitions may depend on application state. As application state changes, so do the role assignments. We examine the RBAC constraint problem using an example of a virtual university. We propose RBAC model features for simplifying the representation of constraints given our experience with this example.
AB - In this paper, we examine how the addition of role-based access control (RBAC) model features affect the complexity of the RBAC constraint models. Constraints are used in RBAC models to constrain the assignment of permissions and principals to roles (among other things). Historically, it was assumed that the role assignments would change rather infrequently, so only a few constraints were necessary. Given new RBAC features, such as context-sensitive roles, the complexity of the restrictions that can be required is increasing because the role definitions may depend on application state. As application state changes, so do the role assignments. We examine the RBAC constraint problem using an example of a virtual university. We propose RBAC model features for simplifying the representation of constraints given our experience with this example.
UR - http://www.scopus.com/inward/record.url?scp=0242528825&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=0242528825&partnerID=8YFLogxK
U2 - 10.1145/319171.319175
DO - 10.1145/319171.319175
M3 - Conference contribution
AN - SCOPUS:0242528825
T3 - RBAC 1999 - Proceedings of the 4th ACM Workshop on Role-Based Access Control
SP - 33
EP - 42
BT - RBAC 1999 - Proceedings of the 4th ACM Workshop on Role-Based Access Control
PB - Association for Computing Machinery, Inc
T2 - 4th ACM Workshop on Role-Based Access Control, RBAC 1999
Y2 - 28 October 1999 through 29 October 1999
ER -