Paper Info
Title
Context sensitivity in role-based access control
Abstract
This paper describes an extended role-based access control (RBAC) model, which makes RBAC sensitive to the context of an attempted operation. Traditional RBAC does not specify whether the permissions associated with a role enable access to a particular object, or to some subset of objects belonging to a class. We extend the model by introducing the notions of role context and context filters. Context filters are Boolean expressions based on the context of the user attempting the operation, as well as the context of the object upon which the operation is attempted. By supplying context filters during the definition of a role, a security administrator can easily limit the applicability of users' role memberships to particular subsets of the target objects. We also describe our implementation of the model in a web-services platform, to illustrate how this technique is particularly valuable when the data is hierarchically structured.
Year
DOI
Venue
2002
10.1145/567331.567336
Operating Systems Review
Keywords
Field
DocType
attempted operation,context filter,context sensitivity,traditional rbac,boolean expression,target object,extended role-based access control,particular subsets,role membership,role context,particular object,web service,role based access control
Context-sensitive language,Authentication,Computer security,Computer science,Cryptography,Role-based access control,Context model,Human–computer interaction,Access control,Password,Boolean expression,Distributed computing
Journal
Volume
Issue
Citations 
36
3
56
PageRank 
References 
Authors
2.98
12
3
Name
Order
Citations
PageRank
Arun Kumar159551.04
Neeran Karnik223412.95
Girish Chafle326513.90