Rule-Based RBAC with Negative Authorization
ACSAC '04 Proceedings of the 20th Annual Computer Security Applications Conference(2004)
摘要
RBAC has proven to be a flexible and useful access control model in practice. Rule-Based RBAC family of models was developed based on RBAC to overcome some of its limitations. One particular model of this family, which we call RB-RBAC-ve, introduces the concept of negative authorization to the RBAC arena. This paper provides a more detailed analysis of RB-RBAC-ve. The analysis includes user authorization, conflict among rules, conflict resolution polices, the impact of negative authorization on role hierarchies and enforcement architecture.
更多查看译文
关键词
role hierarchy,detailed analysis,user authorization,useful access control model,negative authorization,conflict resolution police,rbac arena,particular model,rule-based rbac family,enforcement architecture,conflict resolution,authorisation,rule based
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要