A role and context based security model

Security requirements approached at the enterprise level initiate the need for models that capture the organisational and distributed aspects of information usage. Such models have to express organisation-specific security policies and internal controls aiming to protect information against unauthorised access and modification, and against usage of information for unintended purposes. This dissertation describes a systematic approach to modelling the security requirements from the perspective of job functions and tasks performed in an organisation. It deals with the design, analysis, and management of security abstractions and mechanisms in a unified framework. The basis of access control policy in this framework is formulated around a semantic construct of a role. Roles are granted permissions according to the job functions that exist in an organisation, and then users are assigned to roles on basis of their specific job responsibilities. In order to ensure that permissions included in the roles are used by users only for purposes corresponding to the organisation’s present business needs, a novel approach of “active” context-based access control is proposed. The usage of role permissions in this approach is controlled according to the emerging context associated with progress of various tasks in the organisation. The work explores formally the security properties of the established model, in particular, support for separation of duty and least privilege principles that are important requirements in many commercial systems. Results have implications for understanding different variations of separation of duty policy that are currently used in role-based access control. Finally, a design architecture of the defined security model is presented detailing the components and processing phases required for successful application of the model to distributed computer environments. The model provides opportunities for the implementers, based on application requirements, to choose between several alternative design approaches.