Please use this identifier to cite or link to this item: http://hdl.handle.net/1959.14/10024
302 Visitors
348 Hits
0 Downloads
- Title
- Role-based access control and the access control matrix
- Related
- 5th international conference on information and communications security, ICICS 2003 (10-13 October, 2003 : Huhehaote City, Inner-Mongolia)
- Related
- Lecture Notes in Computer Science Volume 2836/2003
- DOI
- 10.1007/b13930
- Publisher
- Heidelberg, Germany : Springer-Verlag
- Date
- 2003
- Author/Creator
- Saunders, Gregory
- Author/Creator
- Hitchens, Michael
- Author/Creator
- Varadharajan, Vijay
- Description
- The Access Matrix is a useful model for understanding the behaviour and properties of access control systems. While the matrix is rarely implemented, access control in real systems is usually based on access control mechanisms, such as access control lists or capabilities, that have clear relationships with the matrix model. In recent times a great deal of interest has been shown in Role Based Access Control (RBAC) models. However, the relationship between RBAC models and the Access Matrix is not clear. In this paper we present a model of RBAC based on the Access Matrix which makes the relationships between the two explicit. In the process of constructing this model, some fundamental similarities between certain capability models and RBAC are revealed. In particular, we outline a proof that RBAC and the ACM are equivalent with respect to the policies they can represent. From this we conclude that, in a similar way to access lists and capabilities, RBAC is a derivation of the Access Matrix model.
- Description
- 13 page(s)
- Subject Keyword
- internet security
- Resource Type
- conference paper
- Organisation
- Macquarie University. Dept. of Computing
- Identifier
- http://hdl.handle.net/1959.14/10024
- Identifier
- ISSN:0302-9743
- Identifier
- mq-rm-2003018998
- Language
- eng
- Reviewed
