Title: ROAC: A role-oriented access control model
Authors: Nassr, Nezar; S0196107;
Steegmans, Eric #
Issue Date: Jun-2012
Publisher: Springer
Host Document: Lecture Notes in Computer Science vol:7322 pages:113-127
Conference: Workshop in Information Security Theory and Practice edition:6 location:Egham date:20-22 June, 2012
Abstract: Role-Based Access Control (RBAC) has become the de facto
standard for realizing authorization requirements in a wide range of organizations.
Existing RBAC models suffer from two main shortcomings;
lack of expressiveness of roles/permissions and ambiguities of their hierarchies.
Roles/permissions expressiveness is limited since roles do not
have the ability to express behaviour and state, while hierarchical RBAC
cannot reflect real organizational hierarchies. In this paper, we propose
a novel access control model: The Role-Oriented Access Control Model
(ROAC), which is based on the concepts of RBAC but inspired by the
object-oriented paradigm. ROAC greatly enhances expressiveness of roles
and permissions by introducing parameters and methods as members.
The hierarchical ROAC model supports selective inheritance of permissions.
ISBN: 978-3-642-30954-0
ISSN: 0302-9743
Publication status: published
KU Leuven publication type: IC
Appears in Collections:Informatics Section
# (joint) last author

Files in This Item:
File Description Status SizeFormat
ROAC.pdfOA Article Published 283KbAdobe PDFView/Open


All items in Lirias are protected by copyright, with all rights reserved.