Abstract | ||
---|---|---|
Recent years, papers on role-based access control (RBAC) have increasingly emerged, but not many of them deal with real large-scale applications. In this paper, through an example system, the China Official Documents Run System (CODRS), the issues on access control tactics in large-scale organizations are discussed. Also, the paper demonstrates that it is effective to apply role hierarchy tactics in large-scale applications. The basic access control policy and management methods in CODRS are introduced and an improved role hierarchy model based on the RBAC96 model is presented. Especially, a changeable role inheriting mechanism and some other key concepts and methods used in CODRS are discussed, and a comparison between the new model and RBAC96 model is given. Meanwhile, we conclude that because of the complexity of permission requirements in large applications, using the RBAC policy only is not enough, and it is also necessary to adopt traditional access control mechanisms in practices. |
Year | DOI | Venue |
---|---|---|
2002 | 10.1109/CSCWD.2002.1047736 | CSCWD |
Keywords | Field | DocType |
large database system,document state access control system,information retrieval,codrs,inheritance,rbac96,user permissions,inheritances,authorisation,china official documents run system,very large databases,role-based access control,large-scale applications,role based access control,testing,database systems,local area networks,concrete,computer science,application software,access control | Permission,Computer access control,World Wide Web,Large applications,Computer science,China,Role-based access control,Knowledge management,Risk analysis (engineering),Access control,Discretionary access control,Role hierarchy | Conference |
ISBN | Citations | PageRank |
85-285-0050-0 | 0 | 0.34 |
References | Authors | |
10 | 4 |
Name | Order | Citations | PageRank |
---|---|---|---|
Yihong Lu | 1 | 3 | 0.74 |
Han-Tao Song | 2 | 40 | 6.18 |
Yuanming Gong | 3 | 0 | 0.34 |
Yunrong Liang | 4 | 0 | 0.34 |