A Feature-Based Modeling Approach to Configuring Privacy and Temporality in RBAC
نویسندگان
چکیده
Role-Based Access Control (RBAC) has been increasingly popular due to its efficiency, flexibility, and scalability. Traditionally, RBAC is concerned with Separation of Duty (SoD) among roles and role hierarchies. However, there have been demands for extensions of RBAC as environments of RBAC systems have changed. As part of response to the demands, privacy RBAC and temporal RBAC have been proposed. While the two extensions address different aspects, they are often needed together in many systems such as hospital systems. In this paper, we present a feature-based approach that enables systematic enforcement of combined privacy and temporal RBAC in development. The approach models the two extensions as features based on partial inheritance which supports verifiable feature composition. We demonstrate the approach using a hospital example.
منابع مشابه
A feature-based approach for modeling role-based access control systems
Role-based access control (RBAC) is a popular access control model for enterprise systems due to its flexibility and scalability. There are many RBAC features available, each providing a different function. Not all features are needed for an RBAC system. Depending on the requirements, one should be able to configure features on a need basis, which reduces development complexity and thus fosters...
متن کاملAttribute-based Access Control for Cloud-based Electronic Health Record (EHR) Systems
Electronic health record (EHR) system facilitates integrating patients' medical information and improves service productivity. However, user access to patient data in a privacy-preserving manner is still challenging problem. Many studies concerned with security and privacy in EHR systems. Rezaeibagha and Mu [1] have proposed a hybrid architecture for privacy-preserving accessing patient records...
متن کاملA Verifiable Modeling Approach to Configurable Role-Based Access Control
Role-based access control (RBAC) is a popular access control model for enterprise systems due to its economic benefit and scalability. There are many RBAC features available, each providing a different feature. Not all features are needed for an RBAC system. Depending on the requirements, one should be able to configure RBAC by selecting only those features that are needed for the requirements....
متن کاملEnforcing RBAC Policies over Data Stored on Untrusted Server (Extended Version)
One of the security issues in data outsourcing is the enforcement of the data owner’s access control policies. This includes some challenges. The first challenge is preserving confidentiality of data and policies. One of the existing solutions is encrypting data before outsourcing which brings new challenges; namely, the number of keys required to access authorized resources, efficient policy u...
متن کاملEfficient Graph Based Approach to Large Scale Role Engineering
Role engineering is the process of defining a set of roles that offer administrative benefit for Role Based Access Control (RBAC), which ensures data privacy. It is a business critical task that is required by enterprises wishing to migrate to RBAC. However, existing methods of role generation have not analysed what constitutes a beneficial role and as a result, often produce inadequate solutio...
متن کامل