Abstract | ||
---|---|---|
RBAC as a kind of permission access control technologies supports enterprise information security effectively. However, in many cases, traditional RBAC can only establish a permission access control mechanism based on discrete group-role or user-role management inside an organization. And the user group whose organization structure is more complicated is not supported by RBAC. It is also lack of the adaptability of dynamic changes to the complex organization structure. To solve these problems, a permission model called Flexible Organization Structure-Based Access Control (FOSBAC) is proposed, which combines the flexible organization structure with the access control to achieve the dynamic management of permissions. First, the general framework and the formal description of FOSBAC are given. Then, the application template using the XACML specification is constructed and an analysis on a case of accessing financial statements is used to demonstrate the feasibility of the application. Finally, it is shown that FOSBAC possesses better adaptability to complex organization structure and higher management efficiency in comparison with RBAC and ROBAC. © 2011 IEEE. |
Year | DOI | Venue |
---|---|---|
2011 | 10.1109/APSCC.2011.63 | APSCC |
Keywords | Field | DocType |
dynamic management,flexible organization structure,fosbac,permission access control,rbac,workstations,structural dynamics,information security,mathematical model,access control,xml,discrete group,organizations,financial management | Adaptability,Permission,Organizational structure,Computer science,Information security,Role-based access control,XACML,Access control,Financial management,Distributed computing | Conference |
Volume | Issue | Citations |
null | null | 2 |
PageRank | References | Authors |
0.42 | 4 | 3 |
Name | Order | Citations | PageRank |
---|---|---|---|
Minghui Jing | 1 | 2 | 0.42 |
Hongming Cai | 2 | 396 | 58.68 |
Fenglin Bu | 3 | 200 | 13.06 |