6533b7d2fe1ef96bd125edab

RESEARCH PRODUCT

Trust-aware RBAC

Vladimir A. Oleshchuk

subject

DelegateTrustworthinessComputer scienceReading (process)media_common.quotation_subjectControl (management)Role-based access controlVDP::Technology: 500::Information and communication technology: 550Computer securitycomputer.software_genrecomputerExpression (mathematics)media_common

description

Published version of a chapter in the book: Computer Network Security. Also available from the publisher at: http://dx.doi.org/10.1007/978-3-642-33704-8_9 In this paper we propose a trust-aware enhancement of RBAC (TA-RBAC) that takes trustworthiness of users into consideration explicitly before granting access. We assume that each role in the framework is associated with an expression that describe trustworthiness of subjects required to be able to activate the role, and each subject (user) has assigned trustworthiness level in the system. By adding trustworthiness constraints to roles we enhance system, for example, with more flexible ability to delegate roles, to control reading/updating of objects by denying such operations to those subjects that violate trustworthiness requirements.

yearjournalcountryeditionlanguage
2012-01-01
http://hdl.handle.net/11250/137956