Accession Number:

ADA460113

Title:

Scalable Authorization in Role-Based Access Control Using Negative Permissions and Remote Authorization

Descriptive Note:

Corporate Author:

NORTH CAROLINA STATE UNIV AT RALEIGH DEPT OF ELECTRICAL AND COMPUTER ENGINEERING

Personal Author(s):

Report Date:

2003-01-01

Pagination or Media Count:

79.0

Abstract:

Administration of access control is a major issue in large-scale computer systems. Many such computer systems proposed over recent years aim at reducing the effort required to govern access. Role-based access control RBAC systems are a huge benefit to this point. They reduce the tasks of an administrator or authorities when users take on different roles in an organization and need to be assigned different access rights or privileges based on these roles. RBAC is a very expressive and flexible access control mechanism that makes it possible to have security policies based on the principle of least privilege, static and dynamic separation of duties, conflicts between roles and permissions, and many more. This research proposes the use of negative permissions and remote authorization for improving the scalability of an RBAC implementation.

Subject Categories:

  • Computer Systems Management and Standards

Distribution Statement:

APPROVED FOR PUBLIC RELEASE