64,129 research outputs found

    Applications of the Oriented Permission Role-Based Access Control Model

    Full text link
    Role-based access control and role hierarchies have been the subject of considerable research in recent years. In this paper, we consider three useful applications of a new role-based access control model that contains a novel approach to permissions and permission inheritance: one is to illustrate that the new model provides a simpler and more natural way to implement BLP model using role-based techniques; a second application is to make it possible to define separation of duty constraints on two roles that have a common senior role and for a user to be assigned to or activate the senior role; finally, we describe how a single hierarchy in the new model can support the distinction between role activation and permission usage. In short, the oriented permission model provides ways of implementing a number of useful features that have previously required ad hoc and inelegant solutions

    An Access Control Model for NoSQL Databases

    Get PDF
    Current development platforms are web scale, unlike recent platforms which were just network scale. There has been a rapid evolution in computing paradigm that has created the need for data storage as agile and scalable as the applications they support. Relational databases with their joins and locks influence performance in web scale systems negatively. Thus, various types of non-relational databases have emerged in recent years, commonly referred to as NoSQL databases. To fulfill the gaps created by their relational counter-part, they trade consistency and security for performance and scalability. With NoSQL databases being adopted by an increasing number of organizations, the provision of security for them has become a growing concern. This research presents a context based abstract model by extending traditional role based access control for access control in NoSQL databases. The said model evaluates and executes security policies which contain versatile access conditions against the dynamic nature of data. The goal is to devise a mechanism for a forward looking, assertive yet flexible security feature to regulate access to data in the database system that is devoid of rigid structures and consistency, namely a document based database such as MongoDB

    A secure, constraint-aware role-based access control interoperation framework

    Get PDF
    With the growing needs for and the benefits of sharing resources and information among different organizations, an interoperation framework that automatically integrates policies to facilitate such cross-domain sharing in a secure way is becoming increasingly important. To avoid security breaches, such policies must enforce the policy constraints of the individual domains. Such constraints may include temporal constraints that limit the times when the users can access the resources, and separation of duty (SoD) constraints. Existing interoperation solutions do not address such cross-domain temporal access control and SoDs requirements. In this paper, we propose a role-based framework to facilitate secure interoperation among multiple domains by ensuring the enforcement of temporal and SoD constraints of individual domains. To support interoperation, we do not modify the internal policies, as most of the current approaches do. We present experimental results to demonstrate our proposed framework is effective and easily realizable. © 2011 IEEE

    Fulton, County of and Fulton County Sheriffs Office Employees Alliance (2001)

    Get PDF

    RBPMN: A role-based BPMN for integrating structure and behavior models

    Get PDF
    Digitalization transforms business processes substantially due to increasing customer demands for flexibility, new technologies (e.g., Intelligent Technologies) and emerging markets. Business process models are used to understand current processes and provide guidance for process improvements. A role-based extension of the de-facto standard business process modeling language BPMN is proposed that can support the business transformation and other modeling challenges. Bachmann and Daya (1977) introduced roles, which provide the basis for the extension. Steimann (2000) and Kühn (2017) increased the understanding of roles and provided an overview of roles' versatility. This work incorporates roles in business process modeling, thereby closing the gap between structural and behavioral modeling.:Contents List of figures II List of tables III 1 Introduction 1 2 Background 1 3 Business Process Modeling Challenges 3 3.1 Variety of Performers 3 3.2 Adaptability 4 3.3 Context-Awareness 4 4 Proposing Roles as a Solution 5 5 The Role-based Business Process Model and Notation 7 5.1 BPMN Extension Mechanism 8 5.2 Composition of Roles in a Business Process 9 5.2.1 Active Roles 9 5.2.2 Passive Roles 9 5.3 Connector Elements 10 5.3.1 Role Prohibition 10 5.3.2 Role Inheritance 10 5.3.3 Role Condition 10 5.4 Location Role 10 5.5 Role Start Event 10 5.6 Gateways 11 5.7 RBPMN Syntax 11 5.8 Process Role Hierarchy 12 6 Role-Feature Integration 12 7 Modeling Case Study 14 8 Discussion 16 9 Conclusion 17 10 Acknowledgments 18 References I
    • …
    corecore