Fuzzy Role-Based Access Control
نویسندگان
چکیده
RBAC (Role-Based Access Control) is a widely used access control model, which reduces the maintenance cost of classical identitybased access control. However, despite the benefits of RBAC, there are environments in which RBAC can hardly be applied. We present FRBAC (Fuzzy Role-Based Access Control), a generalization of RBAC that fits the requirements of environments where authorization-related information is vague. Moreover, FRBAC deals with environments where the actions that can be executed over the resources have a fractional meaning, as data lying in databases and QoS-subjected operations. FRBAC generalizes RBAC through the use of fuzzy relations.
منابع مشابه
Fuzzy Approach to Role Based Access Control
The goal of access control is to allow only authorized users to access sensitive information. Role based access control (RBAC) is emerging as a generalized approach to security and has been shown to be applicable to a wide range of security requirements of organizations and applications [3]. Possibility of using RBAC approach to an environment with multiple policy domains further justifies the ...
متن کاملFuzzy Approach to Role Based Access Control
The goal of access control is to allow only authorized users to access sensitive information. Role based access control (RBAC) is emerging as a generalized approach to security and has been shown to be applicable to a wide range of security requirements of organizations and applications [3]. Possibility of using RBAC approach to an environment with multiple policy domains further justifies the ...
متن کاملApplying Fuzzy Relations in Role-Based Access Control
Current computer security systems are based on the premise that once a user presents valid credentials to the authentication system (e.g. valid ID and password), they are granted access permission to all resources assigned to the user that they claim to be. However, numerous studies have shown that most security breaches are done by unauthorized users impersonating as authorized users (e.g. by ...
متن کاملA semantic-aware role-based access control model for pervasive computing environments
Access control in open and dynamic Pervasive Computing Environments (PCEs) is a very complex mechanism and encompasses various new requirements. In fact, in such environments, context information should be used in access control decision process; however, it is not applicable to gather all context information completely and accurately all the time. Thus, a suitable access control model for PCEs...
متن کاملEnforcing RBAC Policies over Data Stored on Untrusted Server (Extended Version)
One of the security issues in data outsourcing is the enforcement of the data owner’s access control policies. This includes some challenges. The first challenge is preserving confidentiality of data and policies. One of the existing solutions is encrypting data before outsourcing which brings new challenges; namely, the number of keys required to access authorized resources, efficient policy u...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- Inf. Process. Lett.
دوره 111 شماره
صفحات -
تاریخ انتشار 2011