A Model for Attribute Based Role-Role Assignment (ARRA)
Abstract
Administrative Role Based Access Control (ARBAC) models specify how to manage user-role assignments (URA), permission-role assignments (PRA), and role-role assignments (RRA). Many approaches have been proposed in the literature for URA, PRA, and RRA. In this paper, we propose a model for attribute-based role-role assignment (ARRA), a novel way to unify prior RRA approaches. We leverage the idea that attributes of various RBAC entities such as admin users and regular roles can be used to administer RRA in a highly flexible manner. We demonstrate that ARRA can express and unify prior RRA models.
- Publication:
-
arXiv e-prints
- Pub Date:
- June 2017
- DOI:
- 10.48550/arXiv.1706.10274
- arXiv:
- arXiv:1706.10274
- Bibcode:
- 2017arXiv170610274N
- Keywords:
-
- Computer Science - Cryptography and Security
- E-Print:
- 1 Table, 1 Figure This paper was published on "Secure Knowledge Management Workshop 2017, St. Pete, FL, Oct 6-7 2017" Website: https://www.csiac.org/event/secure-knowledge-management-workshop-2017-skm-2017/