Inter-ReBAC: Inter-operation of Relationship-Based Access Control Model Instances
نویسندگان
چکیده
Relationship-based access control (ReBAC) models define authorization policies and make authorization decisions on the basis of relationships between the entities in a system. We present a framework through which multiple ReBAC model instances can interoperate so that requests initiated in one system may target resources in a second system. Further, our framework is able to support requests passing through a chain of inter-connected systems, thus enabling many systems to be connected together or a single large system to be decomposed into numerous component subsystems. Whilst the underlying principles of this framework can be applied to any ReBAC model, we introduce its formal application to our RPPM model [3], the first, and most actively developing, general computing ReBAC model.
منابع مشابه
Relationship-Based Access Control for OpenMRS
Inspired by the access control models of social network systems, Relationship-Based Access Control (ReBAC) was recently proposed as a general-purpose access control paradigm for application domains in which authorization must take into account the relationship between the access requestor and the resource owner. The healthcare domain is envisioned to be an archetypical application domain in whi...
متن کاملAn Administrative Model for Relationship-Based Access Control
Relationship-based access control (ReBAC) originated in the context of social network systems and recently is being generalized to be suitable for general computing systems. This paper defines a ReBAC model, based on Crampton and Sellwood’s RPPM model, designed to be suitable for general computing systems. Our ReBAC model includes a comprehensive administrative model. The administrative model i...
متن کاملObject-to-Object Relationship-Based Access Control: Model and Multi-Cloud Demonstration
Relationship Based Access Control (ReBAC) has been recognized as a distinctive form of access control since the advent of online social networks (OSNs). In the OSN context, ReBAC typically expresses authorization policy in terms of interpersonal relationship between users. OSN-inspired ReBAC models primarily focus on user-to-user relationships, although some have also considered user-to-resourc...
متن کاملRelationship based access control
Relationship Based Access Control (ReBAC) has emerged as a popular alternative to traditional access control models, such as Role Based Access Control (RBAC) and Attribute Based Access Control (ABAC). However, some of the model’s aspects, such as its expression language and delegation abilities have not been studied in depth. Furthermore, existing ReBAC models cater to single policy control, th...
متن کاملAttribute-Aware Relationship-Based Access Control for Online Social Networks
Relationship-based access control (ReBAC) has been adopted as themost prominent approach for access control in online social networks (OSNs), where authorization policies are typically specified in terms of relationships of certain types and/or depth between the access requester and the target. However, using relationships alone is often not sufficient to enforce various security and privacy re...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2016