Role activation hierarchies
- 1 October 1998
- conference paper
- Published by Association for Computing Machinery (ACM)
Abstract
The concept of a role hierarchy (that is, partial order)is often included in role-based access control (RBAC)models and systems. In current practice the same hierarchyis typically used for two distinct purposes. Membersof a senior role in the hierarchy inherit permissionsfrom juniors. We call this the usage (or permissionusage)aspect of role hierarchies. Membership in a seniorrole also authorizes users to activate junior roles.For purpose of least privilege a user may choose to...Keywords
This publication has 6 references indexed in Scilit:
- Specifying and managing role-based access control within a corporate intranetPublished by Association for Computing Machinery (ACM) ,1997
- Mutual exclusion of roles as a means of implementing separation of duty in role-based access control systemsPublished by Association for Computing Machinery (ACM) ,1997
- Role-based access controlPublished by Association for Computing Machinery (ACM) ,1996
- Rationale for the RBAC96 family of access control modelsPublished by Association for Computing Machinery (ACM) ,1996
- Role-based access control modelsComputer, 1996
- Lattice-based access control modelsComputer, 1993