Home | Browse | Search | Credits | About
Register | User Area | DL-Harvest | Help
DLIST

A Methodology for Managing Roles in Legacy Systems

Osborn, Sylvia and Han, Yan and Liu, Jun (2003) A Methodology for Managing Roles in Legacy Systems. Symposium on Access Control Models and Technologies, Como, Italy.

Full text available as:
PDF - Requires Adobe Acrobat Reader or other PDF viewer.

Abstract

Role-based access control (RBAC) is well accepted as a good technology for managing and designing access control in systems with many users and many objects. Much of the research on RBAC has been done in an environment isolated from real systems which need to be managed. In this paper, we propose a methodology for using an RBAC design tool we have developed, to manage and effect changes to an underlying relational database. We also discuss how to simulate the role graph model on a Unix system, and extend the methodology just described for relational databases to managing a Unix system when changes are made to the role graph.

EPrint Type:Conference Proceedings
Keywords:Security and Protection—Access controls;role-based access control, relational databases
Subjects:Databases
XML
Computer Science
ID Code:1786
Deposited On:04 April 2007
Alternative Locations:http://portal.acm.org/citation.cfm?doid=775412.775417
Eprint Statistics:View statistics for this eprint
Tell A Colleague:Tell a colleague about it.

1 D. Ferraiolo, J. Cugini, and D. Kuhn. Role-based access control (RBAC): Features and motivations. In Proceedings 11th Annual Computer Security Applications Conference, 1995.

2 Y. Guo. User/group administration for RBAC. Master's thesis, Dept. of Computer Science, The University of Western Ontario, 1999.

3 Y. Han. An XML model for RBAC for interaction with relational databases. Master's thesis, The University of Western Ontario, 2003.

4 L. Hua and S. Osborn. Modeling UNIX access control with a role graph. In Proceedings of International Conference on Computers and Information, June 1998.

5 J. Liu. Mapping the role graph model to UNIX. Master's thesis, The University of Western Ontario, 2002.

6 F. H. Lochovsky , C. C. Woo, Role-based security in data base management systems, on Database Security: Status and Prospects, p.209-222, September 1988, Annapolis, Maryland, United States

7 Matunda Nyanchama, Commercial integrity, roles and object orientation, University of Western Ontario, Ont., Canada, 1996

8 Matunda Nyanchama , Sylvia L. Osborn, Access Rights Administration in Role-Based Security Systems, Proceedings of the IFIP WG11.3 Working Conference on Database Security VII, p.37-56, August 23-26, 1994

9 Matunda Nyanchama , Sylvia Osborn, The role graph model and conflict of interest, ACM Transactions on Information and System Security (TISSEC), v.2 n.1, p.3-33, Feb. 1999

10 Sylvia Osborn , Yuxia Guo, Modeling users in role-based access control, Proceedings of the fifth ACM workshop on Role-based access control, p.31-37, July 26-28, 2000, Berlin, Germany

11 Sylvia L. Osborn , Laura K. Reid , Gregory J. Wesson, On the interaction between role-based access control and relational databases, Proceedings of the tenth annual IFIP TC11/WG11.3 international conference on Database security: volume X : status and prospects: status and prospects, p.275-287, January 1997, Como, Italy

12 R. Sandhu and G.-J. Ahn. Decentralized group hierarchies in UNIX: An experiment and lessons learned. In National Information Systems Security Conference, 1998.

13 Ravi S. Sandhu , Edward J. Coyne , Hal L. Feinstein , Charles E. Youman, Role-Based Access Control Models, Computer, v.29 n.2, p.38-47, February 1996

EPrints dLIST, an open access archive for the Information Sciences, is supported by the School of Information Resources and Library Science and Learning Technologies Center, University of Arizona. Established in 2002, dLIST has a global Advisory Board and is a part of the Information Technology & Society Research Lab. Open Archives
Contact: Admin | Donate