Scalable Authorization in Role-Based Access Control Using Negative Permissions and Remote Authorization

Abstract

Administration of access control is a major issue in large-scale computer systems. Many such computer systems proposed over recent years aim at reducing the effort required to govern access. Role-based access control (RBAC) systems are a huge benefit to this point. They reduce the tasks of an administrator or authorities when users take on different roles in an organization and need to be assigned different access rights or privileges based on these roles. RBAC is a very expressive and flexible access control mechanism that makes it possible to have security policies based on the principle of least privilege, static and dynamic separation of duties, conflicts between roles and permissions, and many more. This research proposes the use of negative permissions and remote authorization for improving the scalability of an RBAC implementation.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Jan 01, 2003
Accession Number
ADA460113

Entities

People

  • Arpan P. Shah

Organizations

  • North Carolina State University

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Algorithms
  • Authentication
  • Client Server Systems
  • Computer Access Control
  • Computer Programming
  • Computers
  • Control Systems
  • Distributed Computing
  • Entry Control Systems
  • Graphical User Interface
  • Hierarchies
  • Information Operations
  • Java Programming Language
  • Language
  • Operating Systems
  • Programming Languages
  • Security Protocols

Fields of Study

  • Computer science

Readers

  • Database Systems and Applications
  • Defense Acquisition Program Management