Group Hierarchies with Constrained User Assignment in Linux

نویسندگان

  • Gail-Joon Ahn
  • Seng-Phil Hong
چکیده

In this paper we investigate one aspect of RBAC administration concerning assignment of users to roles. A user-role assignment model can also be used for managing user-group assignment. We overview a constrained user-group assignment model and describe its implementation in the Linux system. Rather than set user and file rights individually for each and every user, the administrator can give rights to various groups, then place users within those groups in Linux. Each user within a group inherits the rights associated with that group. We describe an experiment to extend the Linux group mechanism to include group hierarchies and decentralized user-group assignment can be implemented by means of setgid programs.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

GROUP HIERARCHIES WITH DECENTRALIZED USER ASSIGNMENT IN WINDOWS NT RAVI SANDHU and GAIL-JOON AHN

The notion of groups in Windows NT is much like that in other operating systems. Rather than set user and le rights individually for each and every user, the administrator can give rights to various groups, then place users within those groups. In this paper we describe an experiment to extend the Windows NT group mechanism in two signi cant ways that are useful in managing group-based access c...

متن کامل

Decentralized user group assignment in Windows NT

The notion of groups in Windows NT is much like that in other operating systems. Rather than set user and ®le rights individually for each and every user, the administrator can give rights to various groups, then place users within those groups. Each user within a group inherits the rights associated with that group. In this paper, we describe an experiment to extend the Windows NT group mechan...

متن کامل

CONUGA: Constrained User-Group Assignment

In role-based access control (RBAC), permissions are associated with roles and users are made members of appropriate roles, thereby acquiring the roles’ permissions. The principal motivation behind RBAC is to simplify administration. In this paper, we investigate one aspect of RBAC administration concerning assignment of users to roles. We introduce a constrained user-role assignment model, cal...

متن کامل

Decentralized Group Hierarchies in UNIX: An Experiment and Lessons Learned

Unix includes a simple group mechanism for access control. In this paper we describe an experiment to extend this mechanism in two signi cant ways that are valuable in managing group-based access control in large-scale systems. The goal of our experiment is to demonstrate how group hierarchies (where groups include other groups) and decentralized user-group assignment (where administrators are ...

متن کامل

Repeated Record Ordering for Constrained Size Clustering

One of the main techniques used in data mining is data clustering, which has many applications in computer science, biology, and social sciences. Constrained clustering is a type of clustering in which side information provided by the user is incorporated into current clustering algorithms. One of the well researched constrained clustering algorithms is called microaggregation. In a microaggreg...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2004