Nothing Special   »   [go: up one dir, main page]
Skip to main content
SpringerLink
Log in

Applying RBAC Providing Restricted Permission Inheritance to a Corporate Web Environment

  • Conference paper
  • First Online:
Web Technologies and Applications (APWeb 2003)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2642))

Included in the following conference series:

Abstract

A successful marriage of Web and RBAC technology can support effective enterprise-wide security in large-scale systems. But RBAC has a role hierarchy concept that senior role inherits all permissions of junior roles. In the corporate environments, senior role need not have all authority of junior roles, and unconditional inheritance in role hierarchy causes undesirable side effects(permission abuse) and violates the principle of least privilege. In this paper1, we re-explore role and permission inheritance and propose a new model providing restricted permission inheritance. To do this, we divide a single role into sub-roles(Corporate/Department Common role, Restricted Inheritance role, Private Role) based on the degree of inheritance and business characteristics and make role hierarchy with sub-roles. It is very useful to solve unconditional inheritance problem in a corporate environment. And we describe formal description of proposed model. Lastly, we show a system architecture applying RBAC with proposed model within a corporate web environment.

This research was supported by University IT Research Center Project

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. David F. Ferraiolo, John F. Barkley, and D. Ricard Kuhn: A Role-Based Access Control Model and Reference Implementation With a Corporate Intranet. ACM Transactions on Information and System Security, Vol 2, No. 1 (1999) 34–64

    Article  Google Scholar 

  2. Joon S. Park, Ravi Sandhu: RBAC on the Web by Smart Certificates, Proceedings of the fourth ACM workshop on RBAC(1999) 1–9

    Google Scholar 

  3. Zahir Tari, Shun-Wu Chan: A Role-Based Access Control For Internet Security. IEEE Internet Computing(1997) 24–34

    Google Scholar 

  4. MyongJae Kim, YongHoon Yi, HyungHyo Lee and BongNam Noh: A Design Methodology of Role Hierarchies providing Restricted Permission Inheritance. Proceeding of Conference on Information Security and Cryptology, Korea institute of Information Security & Cryptology (2002) 326–329

    Google Scholar 

  5. Sejong Oh, Seog Park: Task-Role Based Access Control(T-RBAC): An Improved Access Control Model for Enterprise Environment. DEXA2000(2000)

    Google Scholar 

  6. Ravi S. Sandhu: Role-Based Access Control Models IEEE Computer, Feb(1996)

    Google Scholar 

  7. Joon S. Park, Ravi Sandhu, and SreeLatha Ghanta: RBAC on the Web by secure cookies. In Proceedings of the IFIP WG11.3 Workshop on Database Security(1999)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Dept. of Computer Science, Chonnam Nat’l University, 500-757, Gwangju, Korea

    YongHoon Yi, MyongJae Kim, YoungLok Lee & BongNam Noh

  2. Div. of Information and EC, Wonkwang University, 570-749, Iksan, Korea

    HyungHyo Lee

Authors
  1. YongHoon Yi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. MyongJae Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. YoungLok Lee
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. HyungHyo Lee
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. BongNam Noh
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. School of Information Technology and Electrical Engineering, The University of Queensland, Brisbane, QLD, 4072, Australia

    Xiaofang Zhou  & Maria E. Orlowska  & 

  2. Department of Mathematics and Computing, University of Southern Queensland, Toowoomba, QLD, 4350, Australia

    Yanchun Zhang

Rights and permissions

Reprints and permissions

Copyright information

© 2003 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Yi, Y., Kim, M., Lee, Y., Lee, H., Noh, B. (2003). Applying RBAC Providing Restricted Permission Inheritance to a Corporate Web Environment. In: Zhou, X., Orlowska, M.E., Zhang, Y. (eds) Web Technologies and Applications. APWeb 2003. Lecture Notes in Computer Science, vol 2642. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36901-5_29

Download citation

  • DOI: https://doi.org/10.1007/3-540-36901-5_29

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-02354-8

  • Online ISBN: 978-3-540-36901-1

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation