Abstract
In many collaborative systems, users can trigger the execution of commands in a process owned by another user. Unless the access rights of such processes are limited, any user in the collaboration can gain access to another's private files; execute applications on another user's behalf; or read public system files, such as the password file, on another user's machine. However, some applications require limited sharing of private files, so it may be desirable to grant access to these files for a specific purpose. Role-based access control (RBAC) models can be used to limit the access rights of processes, but current implementations do not enable users to flexibly control the access rights of a process at runtime. We define a discretionary access control model that enables principals to flexibly control the access rights of a collaborative process. We then specify the requirements of RBAC models necessary to implement this discretionary access control model.
Original language | English (US) |
---|---|
Pages | 53-64 |
Number of pages | 12 |
State | Published - 1995 |
Event | Proceedings of the 1995 1st ACM Workshop on Role-Based Access Control - Gaithersburg, MD, USA Duration: Nov 30 1995 → Dec 1 1995 |
Other
Other | Proceedings of the 1995 1st ACM Workshop on Role-Based Access Control |
---|---|
City | Gaithersburg, MD, USA |
Period | 11/30/95 → 12/1/95 |
All Science Journal Classification (ASJC) codes
- General Computer Science