article

Security analysis in role-based access control

Authors:

Ninghui Li,

Mahesh V. TripunitaraAuthors Info & Claims

ACM Transactions on Information and System Security (TISSEC), Volume 9, Issue 4

Pages 391 - 420

https://doi.org/10.1145/1187441.1187442

Published: 01 November 2006 Publication History

Get Access

Abstract

The administration of large role-based access control (RBAC) systems is a challenging problem. In order to administer such systems, decentralization of administration tasks by the use of delegation is an effective approach. While the use of delegation greatly enhances flexibility and scalability, it may reduce the control that an organization has over its resources, thereby diminishing a major advantage RBAC has over discretionary access control (DAC). We propose to use security analysis techniques to maintain desirable security properties while delegating administrative privileges. We give a precise definition of a family of security analysis problems in RBAC, which is more general than safety analysis that is studied in the literature. We show that two classes of problems in the family can be reduced to similar analysis in the RT[↞∩] role-based trust-management language, thereby establishing an interesting relationship between RBAC and the RT framework. The reduction gives efficient algorithms for answering most kinds of queries in these two classes and establishes the complexity bounds for the intractable cases.

References

[1]

Ahn, G.-J. and Sandhu, R. S. 2000. Role-based authorization constraints specification. ACM Transactions on Information and System Security 3, 4 (Nov.), 207--226.

Crossref

Google Scholar

[2]

Crampton, J. 2002. Authorizations and antichains. Ph.D. thesis, Birbeck College, University of London, UK.

Google Scholar

[3]

Crampton, J. 2003. Specifying and enforcing constraints in role-based access control. In Proceedings of the Eighth ACM Symposium on Access Control Models and Technologies (SACMAT 2003). Como, Italy. 43--50.

Crossref

Google Scholar

[4]

Crampton, J. and Loizou, G. 2003. Administrative scope: A foundation for role-based administrative models. ACM Transactions on Information and System Security 6, 2 (May), 201--231.

Crossref

Google Scholar

[5]

Ferraiolo, D. F., Sandhu, R. S., Gavrila, S., Kuhn, D. R., and Chandramouli, R. 2001. Proposed NIST standard for role-based access control. ACM Transactions on Information and Systems Security 4, 3 (Aug.), 224--274.

Crossref

Google Scholar

[6]

Ferraiolo, D. F., Chandramouli, R., Ahn, G.-J., and Gavrila, S. 2003. The role control center: Features and case studies. In Proceedings of the Eighth ACM Symposium on Access Control Models and Technologies.

Crossref

Google Scholar

[7]

Garey, M. R. and Johnson, D. J. 1979. Computers And Intractability: A Guide to the Theory of NP-Completeness. Freeman, San Francisco, CA.

Crossref

Google Scholar

[8]

Graham, G. S. and Denning, P. J. 1972. Protection---principles and practice. In Proceedings of the AFIPS Spring Joint Computer Conference. Vol. 40. AFIPS Press, Montvale, N.J. 417--429.

Google Scholar

[9]

Harrison, M. A., Ruzzo, W. L., and Ullman, J. D. 1976. Protection in operating systems. Communications of the ACM 19, 8 (Aug.), 461--471.

Crossref

Google Scholar

[10]

Jaeger, T. and Tidswell, J. E. 2001. Practical safety in flexible access control models. ACM Transactions on Information and System Security 4, 2 (May), 158--190.

Crossref

Google Scholar

[11]

Koch, M., Mancini, L. V., and Parisi-Presicce, F. 2002a. Decidability of safety in graph-based models for access control. In Proceedings of the Seventh European Symposium on Research in Computer Security (ESORICS 2002). Springer, New York. 229--243.

Crossref

Google Scholar

[12]

Koch, M., Mancini, L. V., and Parisi-Presicce, F. 2002b. A graph-based formalism for RBAC. ACM Transactions on Information and System Security 5, 3 (Aug.), 332--365.

Crossref

Google Scholar

[13]

Koch, M., Mancini, L. V., and Parisi-Presicce, F. 2004. Administrative scope in the graph-based framework. In Proceedings of the Ninth ACM Symposium on Access Control Models and Technologies (SACMAT 2004). 97--104.

Crossref

Google Scholar

[14]

Lampson, B. W. 1971. Protection. In Proceedings of the 5th Princeton Conference on Information Sciences and Systems. Reprinted in ACM Operating Systems Review 8, 1, 18--24 (Jan 1974).

Crossref

Google Scholar

[15]

Li, N. and Tripunitara, M. V. 2004. Security analysis in role-based access control. In Proceedings of the Ninth ACM Symposium on Access Control Models and Technologies (SACMAT 2004). 126--135.

Crossref

Google Scholar

[16]

Li, N., Winsborough, W. H., and Mitchell, J. C. 2003. Distributed credential chain discovery in trust management. Journal of Computer Security 11, 1 (Feb.), 35--86.

Crossref

Google Scholar

[17]

Li, N., Mitchell, J. C., and Winsborough, W. H. 2002. Design of a role-based trust management framework. In Proceedings of the 2002 IEEE Symposium on Security and Privacy. IEEE Computer Society Press, Washington, DC. 114--130.

Crossref

Google Scholar

[18]

Li, N., Mitchell, J. C., and Winsborough, W. H. 2005. Beyond proof-of-compliance: Security analysis in trust management. Journal of the ACM 52, 3 (May), 474--514. (Preliminary version appeared in Proceedings of 2003 IEEE Symposium on Security and Privacy.)

Crossref

Google Scholar

[19]

Lipton, R. J. and Snyder, L. 1977. A linear time algorithm for deciding subject security. Journal of the ACM 24, 3, 455--464.

Crossref

Google Scholar

[20]

Munawer, Q. and Sandhu, R. S. 1999. Simulation of the augmented typed access matrix model (ATAM) using roles. In Proceedings of INFOSECU99 International Conference on Information and Security.

Google Scholar

[21]

Oh, S. and Sandhu, R. S. 2002. A model for role admininstration using organization structure. In Proceedings of the Seventh ACM Symposium on Access Control Models and Technologies (SACMAT 2002).

Crossref

Google Scholar

[22]

Park, J. and Sandhu, R. S. 2004. The UCONABC usage control model. ACM Transactions on Information and System Security 7, 128--174.

Crossref

Google Scholar

[23]

Sandhu, R. S. 1988. The schematic protection model: Its definition and analysis for acyclic attenuating systems. Journal of the ACM 35, 2, 404--432.

Crossref

Google Scholar

[24]

Sandhu, R. S. 1992. The typed access matrix model. In Proceedings of the 1992 IEEE Symposium on Security and Privacy. IEEE Computer Society Press, Washington, DC. 122--136.

Crossref

Google Scholar

[25]

Sandhu, R. S., Coyne, E. J., Feinstein, H. L., and Youman, C. E. 1996. Role-based access control models. IEEE Computer 29, 2 (Feb.), 38--47.

Crossref

Google Scholar

[26]

Sandhu, R. S., Bhamidipati, V., and Munawer, Q. 1999. The ARBAC97 model for role-based aministration of roles. ACM Transactions on Information and Systems Security 2, 1 (Feb.), 105--135.

Crossref

Google Scholar

[27]

Schaad, A., Moffett, J., and Jacob, J. 2001. The role-based access control system of a European bank: A case study and discussion. In Proceedings of the Sixth ACM Symposium on Access Control Models and Technologies. ACM Press, New York. 3--9.

Crossref

Google Scholar

[28]

Tripunitara, M. V. and Li, N. 2004. Comparing the expressive power of access control models. In Proceedings of 11th ACM Conference on Computer and Communications Security (CCS-11). ACM Press, New York. 62--71.

Crossref

Google Scholar

[29]

Zhang, X., Park, J., Parisi-Presicce, F., and Sandhu, R. S. 2004. A logical specification for usage control. In Proceedings of the Ninth ACM Symposium on Access Control Models and Technologies (SACMAT 2004).

Crossref

Google Scholar

[30]

Zhang, X., Parisi-Presicce, F., Sandhu, R. S., and Park, J. 2005. Formal model and policy specification of usage control. ACM Transactions on Information and System Security 8, 351--387.

Crossref

Google Scholar

Cited By

View all

Pratap Singh M(2023)Role of Access Control in Information Security: A Security Analysis ApproachInformation Security and Privacy in the Digital World - Some Selected Topics10.5772/intechopen.111371Online publication date: 27-Sep-2023
https://doi.org/10.5772/intechopen.111371
Du YZhou YHu H(2023)Dynamic Assignment of Roles and Users for Business Processes Under Security RequirementsIEEE Transactions on Industrial Informatics10.1109/TII.2023.324056819:10(10344-10355)Online publication date: Oct-2023
https://doi.org/10.1109/TII.2023.3240568
Gupta MSandhu RMawla TBenson J(2023)Reachability Analysis for Attributes in ABAC With Group HierarchyIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2022.314535820:1(841-858)Online publication date: 1-Jan-2023
https://doi.org/10.1109/TDSC.2022.3145358
Show More Cited By

Index Terms

Security analysis in role-based access control
1. Security and privacy
  1. Security services
    1. Access control
  2. Systems security
    1. Operating systems security
2. Social and professional topics
  1. Computing / technology policy
    1. Computer crime

Recommendations

Configuring role-based access control to enforce mandatory and discretionary access control policies

Access control models have traditionally included mandatory access control (or lattice-based access control) and discretionary access control. Subsequently, role-based access control has been introduced, along with claims that its mechanisms are general ...
Security analysis in role-based access control
SACMAT '04: Proceedings of the ninth ACM symposium on Access control models and technologies

Delegation is often used in administrative models for Role-Based Access Control (RBAC) systems to decentralize administration tasks. While the use of delegation greatly enhances flexibility and scalability, it may reduce the control that an organization ...
Delegation in role-based access control

User delegation is a mechanism for assigning access rights available to one user to another user. A delegation can either be a grant or transfer operation. Existing work on delegation in the context of role-based access control models has extensively ...

Reviews

Reviewer: George R. Mayforth

Role-based access control (RBAC) permits an organization to define a role as being associated with specific resources. When individuals are assigned to a role, they are provided access to that role's resources. This aggregation of permissions simplifies administration compared to discretionary access control (DAC), wherein access is granted on a per-resource basis. In large organizations with large numbers of people and resources, DAC can be quite labor intensive, which motivates interest in and investigations of RBAC. As might be expected, there are tradeoffs to consider when RBAC is employed. In large organizations, it is normal to delegate administration fairly widely. This presents the problem of verifying that delegations in an RBAC system do not interfere with each other, and unintentionally violate the security that RBAC is trying to enforce. This paper provides a mathematical definition of two classes of problems in RBAC, and uses it to reduce analysis of the classes to equivalent analyses in RT, a role-based trust management language. Because RT is designed to enforce consistent security policies regarding access control, the reduction permits rigorous analysis of the two classes of RBAC problems. To quote the authors: "The reduction gives efficient algorithms for answering most kinds of queries in these two classes and establishes the complexity bounds for the intractable cases." This work takes an important step toward a rigorous understanding of the security analysis of RBAC. It is, however, only a starting point. The authors point out areas that could be studied in future efforts. The paper is clearly written, and provides detailed proofs of its major assertions. It should be of interest to researchers and implementers in this field.

Access critical reviews of Computing literature here

Become a reviewer for Computing Reviews.

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

ACM Transactions on Information and System Security Volume 9, Issue 4

November 2006

96 pages

ISSN:1094-9224

EISSN:1557-7406

DOI:10.1145/1187441

Issue’s Table of Contents

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 01 November 2006

Published in TISSEC Volume 9, Issue 4

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

138
Total Citations
View Citations
2,640
Total Downloads

Downloads (Last 12 months)67
Downloads (Last 6 weeks)12

Reflects downloads up to 12 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Pratap Singh M(2023)Role of Access Control in Information Security: A Security Analysis ApproachInformation Security and Privacy in the Digital World - Some Selected Topics10.5772/intechopen.111371Online publication date: 27-Sep-2023
https://doi.org/10.5772/intechopen.111371
Du YZhou YHu H(2023)Dynamic Assignment of Roles and Users for Business Processes Under Security RequirementsIEEE Transactions on Industrial Informatics10.1109/TII.2023.324056819:10(10344-10355)Online publication date: Oct-2023
https://doi.org/10.1109/TII.2023.3240568
Gupta MSandhu RMawla TBenson J(2023)Reachability Analysis for Attributes in ABAC With Group HierarchyIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2022.314535820:1(841-858)Online publication date: 1-Jan-2023
https://doi.org/10.1109/TDSC.2022.3145358
Sándor BRajnai Z(2023)Smart Building IoT Cybersecurity: A Review of Threats and Mitigation Technique2023 IEEE 21st Jubilee International Symposium on Intelligent Systems and Informatics (SISY)10.1109/SISY60376.2023.10417954(000321-000326)Online publication date: 21-Sep-2023
https://doi.org/10.1109/SISY60376.2023.10417954
Long DWang JHan BChen DShi L(2023)MS-UCON: A Usage Control Model for Meteorological Operational Systems2023 19th International Conference on Natural Computation, Fuzzy Systems and Knowledge Discovery (ICNC-FSKD)10.1109/ICNC-FSKD59587.2023.10281006(1-6)Online publication date: 29-Jul-2023
https://doi.org/10.1109/ICNC-FSKD59587.2023.10281006
Deng XLi BZhang SDeng L(2023)Blockchain-based dynamic trust access control game mechanismJournal of King Saud University - Computer and Information Sciences10.1016/j.jksuci.2023.01.01035:2(702-725)Online publication date: Feb-2023
https://doi.org/10.1016/j.jksuci.2023.01.010
Truong A(2023)Efficient Analysis of Sequences of Security Problems in Access Control SystemsMobile Computing and Sustainable Informatics10.1007/978-981-99-0835-6_5(67-80)Online publication date: 27-May-2023
https://doi.org/10.1007/978-981-99-0835-6_5
Jaimunk J(2023)The Analysis of Security Properties for Dynamic Privacy-Policy in Data Collection and Access ControlAdvances in Systems Engineering10.1007/978-3-031-40579-2_17(175-182)Online publication date: 4-Aug-2023
https://doi.org/10.1007/978-3-031-40579-2_17
Parkinson SKhan S(2022)A Survey on Empirical Security Analysis of Access-control Systems: A Real-world PerspectiveACM Computing Surveys10.1145/353370355:6(1-28)Online publication date: 7-Dec-2022
https://dl.acm.org/doi/10.1145/3533703
Guo QTripunitara MDietrich SChowdhury OTakabi D(2022)The Secrecy Resilience of Access Control Policies and Its Application to Role MiningProceedings of the 27th ACM on Symposium on Access Control Models and Technologies10.1145/3532105.3535030(115-126)Online publication date: 7-Jun-2022
https://dl.acm.org/doi/10.1145/3532105.3535030
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

Configuring role-based access control to enforce mandatory and discretionary access control policies