Journal articles on the topic 'RBAC (Role-Based Access Control)'

Consult the top 50 journal articles for your research on the topic 'RBAC (Role-Based Access Control).'

1

Vinay Reddy Male. "Decoding Role-Based Access Control (RBAC)." International Journal of Scientific Research in Computer Science, Engineering and Information Technology 11, no. 1 (2025): 2082–90. https://doi.org/10.32628/cseit251112211.

Abstract:
This article provides a comprehensive examination of Role-Based Access Control (RBAC) and its significance in modern cybersecurity, particularly within cloud environments. It explores the fundamental concepts of RBAC, including its core principle of assigning access rights based on organizational roles rather than individual users. The article delves into the implementation process, discussing role definition, permission assignment, and user-role association. It highlights the key advantages of RBAC, such as simplified permission management, enhanced security through the principle of least privilege, scalability in dynamic environments, and improved time efficiency in access management. A case study from the healthcare sector illustrates RBAC's practical application, emphasizing its role in maintaining regulatory compliance and efficient operations in complex organizational structures. The article also addresses potential challenges in RBAC implementation, including role explosion and over-permissive access, and provides strategies for overcoming these issues through meticulous planning, regular audits, and ongoing system optimization. By offering insights into both the benefits and challenges of RBAC, this article serves as a valuable resource for organizations seeking to enhance their access control strategies in an increasingly complex digital landscape.
2

Wang, Zhen Wu. "A Flexible Role Based Access Control Engine Model." Advanced Materials Research 403-408 (November 2011): 2477–80. http://dx.doi.org/10.4028/www.scientific.net/amr.403-408.2477.

Abstract:
The normal role-based access control (RBAC) model decouples users and permissions through roles, and different software systems have different implementation styles. The paper proposes an engine model which can configure the RBAC management systems flexibly. It is a configuration tool to generate different RBAC management systems which meet different users’ requirements. The practice proves that the engine model can improve the efficiency and quality of software development. The role-based access control model decouples users and permissions through roles in order to simplify authorized operations and safety management [1]. Many literatures [2-6] discuss the RBAC model from different aspects. Some literatures [2-3] add new elements to the normal RBAC model, and these models are unidimensional according to the manipulated resources. For example, the NIST RBAC reference model [2] extends and standardizes the RBAC96 [1] model reasonably. Some literatures [4-5] introduce time property to RBAC model and they are two-dimensional models according to the manipulated resources. Literature [6] further adds visual data muster to RBAC model and proposes a three-dimensional access control model. All of these models only discuss access control model theoretically, and different role-based access control modules in software systems have different instantiation styles. For example, a RBAC module in one software system cannot meet the access control requirements in another system because different RBAC modules have different table fields in order to realize certain requirements.
This paper proposes a flexible role-based access control engine which can configure the RBAC module for different systems according to each customer’s requirement. The engine is a configuration tool and it can realize various RBAC modules which have different table fields in database. The paper is organized as follows. Section I introduces the basic concepts of the NIST RBAC model; Section II details the description of RBAC engine model and gives the configuration steps using this engine to generate RBAC instances, and at last section III gives an example and concludes the paper.
3

Muehlbacher, Joerg, and Christian Praher. "DS RBAC - Dynamic Sessions in Role Based Access Control." JUCS - Journal of Universal Computer Science 15, no. (3) (2009): 538–54. https://doi.org/10.3217/jucs-015-03-0538.

Abstract:
Besides the well established access control models, Discretionary Access Control (DAC) and Mandatory Access Control (MAC), the policy neutral Role Based Access Control (RBAC) is gaining increasing momentum. An important step towards a wide acceptance of RBAC has been achieved by the standardization of RBAC through the American National Standards Institute (ANSI) in 2004. While the concept of sessions specified in the ANSI RBAC standard allows for differentiated role selections according to tasks that have to be performed by users, it is very likely that more roles will be activated in a session than are effectively needed to perform the intended activity. Dynamic Sessions in RBAC (DS RBAC) is an extension to the existing RBAC ANSI standard that dynamically deactivates roles in a session if they are not exercised for a certain period of time. This allows for the selection of an outer-shell of possibly needed permissions at the initiation of a session through a user, while adhering to the principle of least privilege by automatically reducing the effective permission space to those roles really exercised in the session. Analogous to the working set model known from virtual memory, only the minimal roles containing permissions recently exercised by the user are left in a session in the DS RBAC model. If the user tries to access a role that has aged out due to inactivity, a role fault occurs. A role fault can be resolved by the role fault handler that is responsible for re-activating the expired role. As will be presented in this paper, role re-activation may be subject to constraints that have to be fulfilled by the user in order to re-access the aged role.
4

M., Menaka, and Meenakshisundaram K. "10.11591/ijece.v8i5.pp3187-3193." International Journal of Electrical and Computer Engineering (IJECE) 8, no. 5 (2018): 3187–93. https://doi.org/10.11591/ijece.v8i5.pp3187-3193.

Abstract:
To be able to leverage big data to achieve enhanced strategic insight and make informed decision, an efficient access control mechanism is needed for ensuring end to end security of such information asset. Attribute Based Access Control (ABAC), Role Based Access Control (RBAC) and Event Based Access Control (EBAC) are widely used access control mechanisms. The ABAC system is much more complex in terms of policy reviews, hence analyzing the policy and reviewing or changing user permission are quite complex task. RBAC system is labor intensive and time consuming to build a model instance and it lacks flexibility to efficiently adapt to changing users, objects and security policies. EBAC model considered only the events to allocate access controls. Yet these mechanisms have limitations and offer features complementary to each other. So in this paper, Event-Role-Attribute based fine grained Access Control mechanism is proposed; it provides a flexible boundary which effectively adapts to changing users, objects and security policies based on the event. The flexible boundary is achieved by using temporal and environment state of an event. It improves the big data security and overcomes the disadvantages of the ABAC and RBAC mechanisms. The experiments are conducted to prove the effectiveness of the proposed Event-Role-Attribute based Access Control mechanism over ABAC and RBAC in terms of computational overhead.
5

Abdulkadir, .A. Adamu* Dong Wang Abdul-Fatou Adam. "ACCESS CONTROL IN DISTRIBUTED HEALTHCARE INFORMATION: THE KEY FEATURES." Global Journal of Engineering Science and Research Management 4, no. 4 (2017): 53–58. https://doi.org/10.5281/zenodo.569969.

Abstract:
Information and communication technologies (ICTs) today provide ubiquitous possibilities to share electronic patient’s data across several healthcare organizations and hospital departments. Data security is therefore a strong requirement to ensure compliance with confidentiality and privacy rule of medical records. However, access control mechanism in Nigeria’s health information systems do not sufficiently guarantee managed access, data and resource protection. To conquer the problems existing in the current access control mechanism available to University of Abuja Teaching Hospital (UATH), Nigeria, a new access control mechanism called multi-device TBPM-RBAC (MD-TBPM-RBAC) is proposed in this paper. According to the demand for unified users’ management in the network management system (NMS), MD-TBPM-RBAC uses Role-Based Access Control (RBAC) for the center, and expands the TBPM-RBAC. In MD-RBPM-RBAC, the users, resources and permissions are stored in the remote server, when a user lands, the device will communicate with the server to authenticate and authorize. As the MD-TBPM-RBAC implements the users' unified authentication and authorization, the user’s management is centralized, it protects the resources effectively, and prevents the important resources from illegal access. In essence, the access control mechanisms and authorization structures of information systems must be able to realize the Need-To-Access principle. This paper introduces the design principles and critically evaluates the concept.
6

Sri, kanth Mandru. "Role-Based Access Control (RBAC) in Modern IAM Systems: A study on the effectiveness and challenges of RBAC in managing access to resources in large organizations." European Journal of Advances in Engineering and Technology 6, no. 4 (2019): 57–64. https://doi.org/10.5281/zenodo.13353634.

Abstract:
Modern Identity and Access Management, IAM, solutions designed for today’s organizations cannot be complete without considering RBAC, particularly for large organizations. This paper aims to review the computational results of employing RBAC to enhance the security features and reduce the level of administrative cost, as well as weigh the advantages and disadvantages of this resource access management system. RBAC ensures compliance with the organizational requirements and brings simplicity to access control through the formation of roles that come with certain privileges. However, it is problematic to implement RBAC in large organizations; this remains ongoing and needs to maintain roles, leads to the explosion of roles, and is also complex in role assignment. These are the issues that are discussed in this work, together with possible solutions that include the employment of practical automated role management tools and the introduction of more complex RBAC models. Where and how RBAC is advantageous is also discussed in the paper through the use of case studies and real-life examples, as well as pointing out its weaknesses and the possibility of its development in the future. The findings thus underscore how strategic RBAC is to achieve agile and safe access control in the dynamic business environments of the current world.
7

Rashid, Mamoon, and Er Rishma Chawla. "Securing Data Storage By Extending Role-Based Access Control." International Journal of Cloud Applications and Computing 3, no. 4 (2013): 28–37. http://dx.doi.org/10.4018/ijcac.2013100103.

Abstract:
Role-based access control (RBAC) models have generated a great interest in the security community as a powerful and generalized approach to security management and ability to model organizational structure and their capability to reduce administrative expenses. In this paper, the authors highlight the drawbacks of RBAC models in terms of access control and authorization and later provide a more viable extended-RBAC model, which enhances and extends its powers to make any Cloud Server more secure by adding valuable constraints. Later the Blobs are stored on cloud server which is then accessed by the end users via this Extended RBAC model. The authors describe a practical implementation of the proposed extended RBAC based architecture and discuss the performance results with its base models. The authors later show how the users with different premiums can access this architecture in a better way and also how the unknown users for this architecture can be denied the usage of services by adding valuable constraints.
8

Aftab, Muhammad Umar, Zhiguang Qin, Negalign Wake Hundera, et al. "Permission-Based Separation of Duty in Dynamic Role-Based Access Control Model." Symmetry 11, no. 5 (2019): 669. http://dx.doi.org/10.3390/sym11050669.

Abstract:
A major development in the field of access control is the dominant role-based access control (RBAC) scheme. The fascination of RBAC lies in its enhanced security along with the concept of roles. In addition, attribute-based access control (ABAC) is added to the access control models, which is famous for its dynamic behavior. Separation of duty (SOD) is used for enforcing least privilege concept in RBAC and ABAC. Moreover, SOD is a powerful tool that is used to protect an organization from internal security attacks and threats. Different problems have been found in the implementation of SOD at the role level. This paper discusses that the implementation of SOD on the level of roles is not a good option. Therefore, this paper proposes a hybrid access control model to implement SOD on the basis of permissions. The first part of the proposed model is based on the addition of attributes with dynamic characteristics in the RBAC model, whereas the second part of the model implements the permission-based SOD in dynamic RBAC model. Moreover, in comparison with previous models, performance and feature analysis are performed to show the strength of dynamic RBAC model. This model improves the performance of the RBAC model in terms of time, dynamicity, and automatic permissions and roles assignment. At the same time, this model also reduces the administrator’s load and provides a flexible, dynamic, and secure access control model.
9

Shanu Khare, Payal Thakur, Navjot Singh Talwandi, and Vikash Yadav. "Securing Microservice Architecture: Load Balancing and Role-Based Access Control." International Journal on Engineering Artificial Intelligence Management, Decision Support, and Policies 1, no. 1 (2024): 21–28. https://doi.org/10.63503/j.ijaimd.2024.7.

Abstract:
This study focuses on the security aspects within microservice architecture, particularly addressing load balancing and role-based access control (RBAC). Exploring the intersection of load balancing techniques and RBAC mechanisms, the research aims to enhance the security posture of microservices. By evaluating strategies for efficient load distribution and implementing RBAC protocols, the study seeks to fortify the architecture against potential vulnerabilities. The integration of load balancing and RBAC not only ensures optimized resource utilization but also strengthens access control measures, bolstering the overall security framework in microservice-based systems.
10

Miguelangel, Trevino, and Al Lail Mustafa. "Database Web Application for Administering Spatio-Temporal Access Control Policies." American Journal of Advanced Research 5, no. 1 (2021): 6–12. https://doi.org/10.5281/zenodo.5112633.

Abstract:
Governmental and business organizations use the standard authorization model, Role-based access control (RBAC), to specify and administer access policies for electronic resources. In RBAC-based applications, access is granted or denied based on users’ credentials. However, the RBAC model lacks features that allow applications to determine access based on time and location, spatio-temporal information. This access requirement is important for a growing number of mobile applications. Researchers have proposed new access control models to accommodate organizations' reliance on mobile applications. The General Spatio-temporal Role-Based Access Control model (GSTRBAC) is a model that incorporates time and location constraints as additional factors to grant access to resources. This paper presents the results of our undergraduate research project on creating a relational database that provides a way to store and retrieve GSTRBAC policy information. Further, the paper describes a web application that security analysts can use to administer GSTRBAC policies.
11

Zhao, Yu Lan, and Chun Feng Jiang. "Research of Access Control Models in Personal Networks." Advanced Materials Research 989-994 (July 2014): 4751–54. http://dx.doi.org/10.4028/www.scientific.net/amr.989-994.4751.

Abstract:
How to prevent illegal users from sharing system resources was one of the main purposes for MAGNET Security Group. This paper introduced some major access control models such as traditional access control models, role-based access control model (RBAC), task-based access control model (TBAC) and role-task-based access control model (T-RBAC). In the end, a feasible scheme PN_T-RBAC was proposed at the base of the T-RBAC model in existence, which was suitable for the coalition environment of personal networks.
12

Huang, Dan Hua, and Ya Qian Yang. "Role-Based Risk Adaptive Access Control Model." Applied Mechanics and Materials 416-417 (September 2013): 1516–21. http://dx.doi.org/10.4028/www.scientific.net/amm.416-417.1516.

Abstract:
To solve the problem of only considering constraint verification and ignoring current running environmental security, Economical risk is applied in Role-Based Access Control (RBAC) to weigh user needs and environmental security according to context information and current environment. A model for Role-Based Risk Adaptive Access Control (RRAAC) combining traditional RBAC with new Risk Adaptable Access Control (RAdAC), and the method of risk calculation used in RRAAC model and its mathematic analysis and verification are presented in this paper. This RRAAC model has already been realized in a general personnel management system and experimental result shows that this model possesses great flexibility and certain adaptability coping with environmental changes during access control and task executing in business processes.
13

de Carvalho Junior, Marcelo Antonio, and Paulo Bandiera-Paiva. "Health Information System Role-Based Access Control Current Security Trends and Challenges." Journal of Healthcare Engineering 2018 (2018): 1–8. http://dx.doi.org/10.1155/2018/6510249.

Abstract:
Objective. This article's objective is to highlight implementation characteristics, concerns, or limitations over role-based access control (RBAC) use on health information system (HIS) using industry-focused literature review of current publishing for that purpose. Based on the findings, assessment for indication of RBAC is obsolete considering HIS authorization control needs. Method. We have selected articles related to our investigation theme “RBAC trends and limitations” in 4 different sources related to health informatics or to the engineering technical field. To do so, we have applied the following search query string: “Role-Based Access Control” OR “RBAC” AND “Health information System” OR “EHR” AND “Trends” OR “Challenges” OR “Security” OR “Authorization” OR “Attacks” OR “Permission Assignment” OR “Permission Relation” OR “Permission Mapping” OR “Constraint”. We followed PRISMA applicable flow and general methodology used on software engineering for systematic review. Results. 20 articles were selected after applying inclusion and exclusion criteria resulting contributions from 10 different countries. 17 articles advocate RBAC adaptations. The main security trends and limitations mapped were related to emergency access, grant delegation, and interdomain access control. Conclusion. Several publications proposed RBAC adaptations and enhancements in order to cope with current HIS use characteristics. Most of the existent RBAC studies are not related to health informatics industry though. There is no clear indication of RBAC obsolescence for HIS use.
14

Nyame, Gabriel, and Zhiguang Qin. "Precursors of Role-Based Access Control Design in KMS: A Conceptual Framework." Information 11, no. 6 (2020): 334. http://dx.doi.org/10.3390/info11060334.

Abstract:
Role-based access control (RBAC) continues to gain popularity in the management of authorization concerning access to knowledge assets in organizations. As a socio-technical concept, the notion of role in RBAC has been overemphasized, while very little attention is given to the precursors: role strain, role ambiguity, and role conflict. These constructs provide more significant insights into RBAC design in Knowledge Management Systems (KMS). KMS is the technology-based knowledge management tool used to acquire, store, share, and apply knowledge for improved collaboration and knowledge-value creation. In this paper, we propose eight propositions that require future research concerning the RBAC system for knowledge security. In addition, we propose a model that integrates these precursors and RBAC to deepen the understanding of these constructs. Further, we examine these precursory constructs in a socio-technical fashion relative to RBAC in the organizational context and the status–role relationship effects. We carried out conceptual analysis and synthesis of the relevant literature, and present a model that involves the three essential precursors that play crucial roles in role mining and engineering in RBAC design. Using an illustrative case study of two companies where 63 IT professionals participated in the study, the study established that the precursors positively and significantly increase the intractability of the RBAC system design. Our framework draws attention to both the management of organizations and RBAC system developers about the need to consider and analyze the precursors thoroughly before initiating the processes of policy engineering, role mining, and role engineering. The propositions stated in this study are important considerations for future work.
15

Taresh Mehra. "The Critical Role of Role-Based Access Control (RBAC) in securing backup, recovery, and storage systems." International Journal of Science and Research Archive 13, no. 1 (2024): 1192–94. http://dx.doi.org/10.30574/ijsra.2024.13.1.1733.

Abstract:
In the contemporary digital landscape, safeguarding data through robust access control mechanisms is crucial. Role-Based Access Control (RBAC) is an effective strategy for managing access to backup and recovery systems, as well as storage devices. RBAC assigns permissions based on user roles, thereby enforcing the principle of least privilege and enhancing data security. This blog explores the significance of RBAC in these contexts and extends its relevance to ransomware and malware threats, as well as disaster recovery. Supported by scientific research and industry case studies, it underscores how RBAC can mitigate risks, ensure regulatory compliance, and improve data management practices.
16

Abbdelkrim, Bouadjemi. "FORMAL DECISION MODELING FOR ROLE-BASED ACCESS CONTROL POLICIES." Advances in Mathematics: Scientific Journal 12, no. 3 (2023): 465–77. http://dx.doi.org/10.37418/amsj.12.3.4.

Abstract:
Role-Based Access Control (RBAC) has been widely used in information systems, including so-called critical systems. In business, workflows are used to control the flow of processes. One of the major issues concerning these processes is to be able to verify that a proposed process model strictly corresponds to the specifications to which it is supposed to respond. Access control models describe the frameworks that dictate permissions. The RBAC model is generally static, i.e. the access control decisions are: grant or deny. Dynamic and flexible access control is required. In order to increase the flexibility of access control, the notion of decision has been proposed. Decisions execute the requirements to be fulfilled. The main aim of this article is to use the decision to produce a dynamic model. Our model augments the dynamics of the RBAC model. It allows dynamically assigning permissions. For illustration, Feather's meeting management system is used. Finally, first-order logic is used to analyze the validity of the proposed model.
17

Zhao, Jiang Min, Jian Kang, and Tian Ge Li. "A Flexible Workflow Model of Role Based Access Control." Applied Mechanics and Materials 733 (February 2015): 784–87. http://dx.doi.org/10.4028/www.scientific.net/amm.733.784.

Abstract:
For the shortcomings of the traditional workflow in flexibility, this paper analyzes the advantages of Role Based Access Control Technology (RBAC) in realizing procedure permission dynamic management. With RBAC applied in it, this paper also constructs the flexible workflow model of Role Based Access Control and gives out the definition of the engine as well as the components concerned. In addition, it also solves the problems of the flexible operation of resource and dynamic assigning tasks in the business process, and applies the engine into the specific business process.
18

Mundbrod, Nicolas, and Manfred Reichert. "Object-Specific Role-Based Access Control." International Journal of Cooperative Information Systems 28, no. 01 (2019): 1950003. http://dx.doi.org/10.1142/s0218843019500035.

Abstract:
The proper management of privacy and security constraints in information systems in general and access control in particular constitutes a tremendous, but still prevalent challenge. Role-based access control (RBAC) and its variations can be considered as the widely adopted approach to realize authorization in information systems. However, RBAC lacks a proper object-specific support, which disallows establishing the fine-grained access control required in many domains. By comparison, attribute-based access control (ABAC) enables a fine-grained access control based on policies and rules evaluating attributes. As a drawback, ABAC lacks the abstraction of roles. Moreover, it is challenging to engineer and to audit the granted privileges encoded in rule-based policies. This paper presents the generic approach of object-specific role-based access control (ORAC). On one hand, ORAC enables information system engineers, administrators and users to utilize the well-known principle of roles. On the other hand, ORAC allows realizing the access to objects in a fine-grained way where required. The approach was systematically established according to well-elicited key requirements for fine-grained access control in information systems. For the purpose of evaluation, the approach was applied to real-world scenarios and implemented in a proof-of-concept prototype demonstrating its feasibility and applicability.
19

Meneka, M., and K. Meenakshisundaram. "An Enhancement Role and Attribute Based Access Control Mechanism in Big Data." International Journal of Electrical and Computer Engineering (IJECE) 8, no. 5 (2018): 3187. http://dx.doi.org/10.11591/ijece.v8i5.pp3187-3193.

Abstract:
To be able to leverage big data to achieve enhanced strategic insight and make informed decision, an efficient access control mechanism is needed for ensuring end to end security of such information asset. Attribute Based Access Control (ABAC), Role Based Access Control (RBAC) and Event Based Access Control (EBAC) are widely used access control mechanisms. The ABAC system is much more complex in terms of policy reviews, hence analyzing the policy and reviewing or changing user permission are quite complex task. RBAC system is labor intensive and time consuming to build a model instance and it lacks flexibility to efficiently adapt to changing users, objects and security policies. EBAC model considered only the events to allocate access controls. Yet these mechanisms have limitations and offer features complementary to each other. So in this paper, Event-Role-Attribute based fine grained Access Control mechanism is proposed; it provides a flexible boundary which effectively adapts to changing users, objects and security policies based on the event. The flexible boundary is achieved by using temporal and environment state of an event. It improves the big data security and overcomes the disadvantages of the ABAC and RBAC mechanisms. The experiments are conducted to prove the effectiveness of the proposed Event-Role-Attribute based Access Control mechanism over ABAC and RBAC in terms of computational overhead.
20

KUHLMANN, MIRCO, KARSTEN SOHR, and MARTIN GOGOLLA. "Employing UML and OCL for designing and analysing role-based access control." Mathematical Structures in Computer Science 23, no. 4 (2013): 796–833. http://dx.doi.org/10.1017/s0960129512000266.

Abstract:
The stringent security requirements of organisations like banks or hospitals frequently adopt role-based access control (RBAC) principles to represent and simplify their internal permission management. While representing a fundamental advanced RBAC concept enabling precise restrictions on access rights, authorisation constraints increase the complexity of the resulting security policies so that tool support for convenient creation and adequate validation is required. A particular contribution of our work is a new approach to developing and analysing RBAC policies using a UML-based domain-specific language (DSL), which allows the hiding of the mathematical structures of the underlying authorisation constraints implemented in OCL. The DSL we present is highly configurable and extensible with respect to new concepts and classes of authorisation constraints, and allows the developer to validate RBAC policies in an effective way. The handling of dynamic (that is, time-dependent) constraints, their visual representation through the RBAC DSL and their analysis all form another part of our contribution. The approach is supported by a UML and OCL validation tool.
21

Mpamugo, Ezichi, and Godwin Ansa. "Enhancing Network Security in Mobile Applications with Role-Based Access Control." Journal of Information Systems and Informatics 6, no. 3 (2024): 1872–99. http://dx.doi.org/10.51519/journalisi.v6i3.863.

Abstract:
In today's dynamic networking environment, securing access to resources has become increasingly challenging due to the growth and progress of connected devices. This study explores the integration of Role-Based Access Control (RBAC) and OAuth 2.0 protocols to enhance network access management and security enforcement in an Android mobile application. The study adopts a waterfall methodology to implement access control mechanisms that govern authentication and authorization. OAuth 2.0, a widely adopted open-standard authorization framework, was implemented to secure user authentication by allowing third-party access without exposing user credentials. Meanwhile, RBAC was leveraged to streamline access permissions based on predefined user roles, ensuring that access privileges are granted according to hierarchical role structures. The main outcomes of this study show significance towards the improvements in security enforcement and user access management. Specifically, the implementation of multi-factor authentication, session timeout mechanisms, and user role-based authorization ensured robust protection of sensitive data while maintaining system usability. RBAC proved effective in controlling access to various system resources, such as database operations which was presented in scenario of physical access to doors, while OAuth 2.0 provided a secure communication channel for authentication events. These protocols, working in tandem, addressed key issues like unauthorized access, data integrity, and scalability in network security policy enforcement. This research deduces that combining RBAC and OAuth 2.0 protocols in mobile applications enhances security posture, simplifies access management, and mitigates evolving threats.
22

Ishiaku, Awwal, and Christian Bassey. "Optimizing Synchronization and Role-Based Access Control in Double-Surgeon Telesurgery Cockpits." Journal of Internet Services and Information Security 15, no. 1 (2025): 330–47. https://doi.org/10.58346/jisis.2025.i1.021.

Abstract:
The double-surgeon cockpit is an innovation in telesurgery that allows two surgeons to collaborate by remotely controlling a robot to perform surgical operations. However, it also introduces new challenges in synchronization and Role-Based Access Control (RBAC) due to the need for precise coordination and secure operation. In this paper, we address these challenges and propose an optimized synchronization strategy and implement RBAC within double-surgeon cockpits. The synchronization strategy combines passive latency monitoring and active command throttling to ensure coordinated actions from multiple surgeon consoles. Meanwhile, RBAC ensures that we assign specific permissions to each surgeon based on their roles, restricting access to only necessary robotic components, and preventing unauthorized actions. This dual approach aims to improve the operational efficiency, security, and overall success of telesurgical operations. The simulation results demonstrate the effectiveness of the proposed synchronization strategy, while a detailed RBAC framework ensures secure and efficient role management in telesurgery.
23

Gao, Lei, and Shu Lin Pan. "Fine-Grained Access Control Model Based on RBAC." Advanced Materials Research 468-471 (February 2012): 1667–70. http://dx.doi.org/10.4028/www.scientific.net/amr.468-471.1667.

Abstract:
Military information systems have unusually tough restrictions on rank, and attach weight to the safety and secrecy of information. This places higher demands on access control over information. So a new access control model based on RBAC is prompted against the limitations of the existing RBAC models. This model is named the fine-grained access control model based on RBAC. This model not only assigns different roles to different users, but also adds a department attribute, so the role and the department are combined; it realizes fine-grained access control and refines it down to the controls of pages, which keeps access control more precise; a role tree is used to define roles and, in order to prevent the problems brought up by role inheritance, it imposes restrictions on whether a role can be inherited; lastly, an ACL stores the especial instances’ alteration. When a control is accessed, the model examines the role and department, then judges whether the role can be inherited, and then judges by combining the ACL. In this way the access control objective is attained. The implementation indicates that this model can meet the requirements of real applications in military information management systems.
24

Owoade, Samuel, Denis Kisina, Oluwasanmi Segun Adanigbo, Abel Chukwuemeke Uzoka, Andrew Ifesinachi Daraojimba, and Toluwase Peter Gbenle. "Advances in Access Control Systems Using Policy-Driven and Role-Based Authorization Models." International Journal of Management and Organizational Research 2, no. 2 (2023): 128–34. https://doi.org/10.54660/ijmor.2023.2.2.128-134.

Abstract:
This paper examines the evolution and advancements in access control systems, with a focus on policy-driven and role-based authorization models. As modern computing environments—such as cloud, IoT, and distributed systems—become increasingly complex, traditional access control mechanisms, including Discretionary Access Control (DAC), are proving inadequate. Role-Based Access Control (RBAC) has long been the cornerstone of secure access management, but as systems evolve, the limitations of RBAC become evident. To address these challenges, Policy-Based Access Control (PBAC) has emerged, offering greater flexibility by incorporating contextual and attribute-based decision-making. This paper explores the principles, evolution, and integration of RBAC and PBAC, comparing their strengths and weaknesses, and also discusses hybrid models that combine both. It also analyzes key challenges such as scalability, policy conflicts, and compliance constraints, and introduces advanced models, including next-generation RBAC and policy-driven authorization engines like XACML and Open Policy Agent (OPA). The paper concludes by discussing practical implications for organizations and suggesting future research directions in areas such as AI-driven policy generation, dynamic trust scoring, and cross-domain federated authorization. The insights provided offer a roadmap for enhancing security, scalability, and compliance in modern access control systems.
25

Essien, Joe. "Enhancing Role-Based Access Control with Embedded Facial Recognition RBAC-EFR System." International Journal of Science and Research (IJSR) 12, no. 6 (2023): 2767–74. http://dx.doi.org/10.21275/sr23625003927.

26

Tsegaye, Tamir, and Stephen Flowerday. "A Clark-Wilson and ANSI role-based access control model." Information & Computer Security 28, no. 3 (2020): 373–95. http://dx.doi.org/10.1108/ics-08-2019-0100.

Abstract:
Purpose: An electronic health record (EHR) enables clinicians to access and share patient information electronically and has the ultimate goal of improving the delivery of healthcare. However, this can create security and privacy risks to patient information. This paper aims to present a model for securing the EHR based on role-based access control (RBAC), attribute-based access control (ABAC) and the Clark-Wilson model. Design/methodology/approach: A systematic literature review was conducted which resulted in the collection of secondary data that was used as the content analysis sample. Using the MAXQDA software program, the secondary data was analysed quantitatively using content analysis, resulting in 2,856 tags, which informed the discussion. An expert review was conducted to evaluate the proposed model using an evaluation framework. Findings: The study found that a combination of RBAC, ABAC and the Clark-Wilson model may be used to secure the EHR. While RBAC is applicable to healthcare, as roles are linked to an organisation’s structure, its lack of dynamic authorisation is addressed by ABAC. Additionally, key concepts of the Clark-Wilson model such as well-formed transactions, authentication, separation of duties and auditing can be used to secure the EHR. Originality/value: Although previous studies have been based on a combination of RBAC and ABAC, this study also uses key concepts of the Clark-Wilson model for securing the EHR. Countries implementing the EHR can use the model proposed by this study to help secure the EHR while also providing EHR access in a medical emergency.
27

Wang, Tao, and Qiang Wu. "Role Minimization Optimization Algorithm Based on Concept Lattice Factor." Mathematics 11, no. 14 (2023): 3047. http://dx.doi.org/10.3390/math11143047.

Abstract:
Role-based access control (RBAC) is a widely adopted security model that provides a flexible and scalable approach for managing permissions in various domains. One of the critical challenges in RBAC is the efficient assignment of roles to users while minimizing the number of roles involved. This article presents a novel role minimization optimization algorithm (RMOA) based on the concept lattice factor to address this challenge. The proposed RMOA leverages the concept lattice, a mathematical structure derived from formal concept analysis, to model and analyze the relationships between roles, permissions, and users in an RBAC system. By representing the RBAC system as a concept lattice, the algorithm captures the inherent hierarchy and dependencies among roles and identifies the optimal role assignment configuration. The RMOA operates in two phases: the first phase focuses on constructing the concept lattice from the RBAC system’s role–permission–user relations, while the second phase performs an optimization process to minimize the number of roles required for the access control. It determines the concept lattice factor using the concept lattice interval to discover the minimum set of roles. The optimization process considers both the user–role assignments and the permission–role assignments, ensuring that access requirements are met while reducing role proliferation. Experimental evaluations conducted on diverse RBAC datasets demonstrate the effectiveness of the proposed algorithm. The RMOA achieves significant reductions in the number of roles compared to existing role minimization approaches, while preserving the required access permissions for users. The algorithm’s efficiency is also validated by its ability to handle large-scale RBAC systems within reasonable computational time.
28

Marquis, Yewande Alice. "From Theory to Practice: Implementing Effective Role-Based Access Control Strategies to Mitigate Insider Risks in Diverse Organizational Contexts." Journal of Engineering Research and Reports 26, no. 5 (2024): 138–54. http://dx.doi.org/10.9734/jerr/2024/v26i51141.

Abstract:
This study investigates the effectiveness of Role-Based Access Control (RBAC) systems in mitigating insider threats to database security within various organizational environments. Insider threats represent a significant challenge for database security, necessitating robust and adaptive security measures. By delineating access based on users' roles within an organization, RBAC emerges as a critical tool against such threats. Employing a quantitative research methodology, this work gathered data through a survey targeting professionals directly involved in the security and management of organizational databases across technology, finance, healthcare, and government industries. The study utilized Confirmatory Factor Analysis (CFA) and Structural Equation Modeling (SEM) to validate the measurement model and analyze the relationships between RBAC effectiveness, implementation challenges, RBAC enhancements, and their collective impact on insider threat reduction. Findings indicate that RBAC effectively reduces unauthorized access and data breaches, significantly mitigating insider threats. However, implementation challenges such as role definition complexity and adapting to dynamic access needs emerge as notable obstacles. Enhancements in RBAC, mainly through integrating technologies like machine learning and dynamic access controls, are identified as critical mediators that enhance RBAC's effectiveness. The study concludes that while RBAC is a vital tool for database security, its success depends on continuous improvement and customization to specific organizational contexts. It recommends developing continuous enhancement programs for RBAC systems, specialized training for administrators, and the customization of RBAC strategies to meet unique organizational and industry needs. These measures are crucial for optimizing RBAC's effectiveness against insider threats.
29

Dr., S. Subashree, M. Priya Dr., and Srividhya R. "Secure role-based access control with blockchain technology." International Journal of Advance Research in Multidisciplinary 2, no. 2 (2024): 204–10. https://doi.org/10.5281/zenodo.11514811.

Abstract:
Better resource utilization, quick speed, affordability, and accessibility for data exchange and storage are all provided by cloud computing. However, security concerns become the main barrier as data storage-possibly sensitive data-is increasingly outsourced to cloud businesses. Preserving data files encrypted before customers upload them to the cloud is a shared approach to safeguarding data confidentiality. Customers who use cloud storage services can save money on data management maintenance expenses. Data confidentiality is the main issue when outsourcing customer data to cloud storage providers. To prevent misuse of firm data, an access control system is also required. Regretfully, it might be difficult to develop a safe and efficient data exchange plan, especially for firms that are dynamic. First, in a secure way, recommend Role Based Access Control (RBAC). or key distribution without the need for any secure lines of communication, and group managers can safely provide group keys to users. One well-known access control paradigm is role-based access control (RBAC), which maps users to roles and roles to privileges on data objects to provide flexible restrictions and database management. Using blockchain technology, an emerging technology, for data storage is the suggested remedy. First, describe the blockchain-based data storage system paradigm that includes hash and block creation. This work proposes an ECC-based encryption system to solve user identity privacy and data privacy in the current access control techniques. It incorporates an anonymous control mechanism along with RBAC and cryptographic techniques. If a group member can be removed, the current group's public keys will be instantly modified, preventing the original content from needing to be re-encrypted. Individuals who are part of the group can access the cloud source; users whose access has been canceled cannot access the cloud again.
Keywords: Elliptic Curve Cryptography, Cloud Storage Process, Group Creation, Role-Based Access Permission, Data Sharing, Data Encryption, Secure Data Access.
30

Sabri, Khair Eddin. "An Algebraic Model to Analyze Role-Based Access Control Policies." Modern Applied Science 12, no. 10 (2018): 50. http://dx.doi.org/10.5539/mas.v12n10p50.

Abstract:
Role-Based Access Control (RBAC) is a well known access control model used to preserve the confidentiality of information by specifying the ability of users to access information based on their roles. Usually these policies would be manipulated by combining or comparing them especially when defined in a distributed way. Furthermore, these policies should satisfy predefined authorization constraints.

In this paper, we present an algebraic model for specifying and analyzing RBAC policies. The proposed model enables us to specify policies and verify the satisfaction of predefined authorization constraints. Furthermore, the model allows us to combine policies and analyze their effect on predefined constraints. The model consists of few operators that give simplicity in specifying policies. We present a prototype tool used for facilitating the analysis.
31

Arun Kumar Akuthota. "Role-Based Access Control (RBAC) in Modern Cloud Security Governance: An In-depth Analysis." International Journal of Scientific Research in Computer Science, Engineering and Information Technology 11, no. 2 (2025): 3297–311. https://doi.org/10.32628/cseit25112793.

Abstract:
This article examines the evolving role of Role-Based Access Control (RBAC) in modern cloud security governance, with particular emphasis on its implementation within SAP Business Technology Platform environments. The article investigates how RBAC has transformed from a traditional access control mechanism into an AI-enhanced security framework capable of addressing contemporary cloud security challenges. Through examination of real-world implementations, the article demonstrates RBAC's effectiveness in reducing security incidents, streamlining administrative processes, and ensuring regulatory compliance. The article explores the integration of artificial intelligence and machine learning capabilities, which have significantly enhanced RBAC's ability to detect and prevent security threats while optimizing role management. Furthermore, the article evaluates the impact of RBAC on organizational efficiency, risk management, and scalability, providing insights into best practices for implementation and future trends in access control systems. Special attention is given to the convergence of RBAC with emerging technologies such as blockchain and zero trust architecture, offering a forward-looking perspective on the evolution of cloud security governance.
32

M Sahyudi and Erliyan Redy Susanto. "Analisis Implementasi Sistem Keamanan Basis Data Berbasis Role-Based Access Control (RBAC) pada Aplikasi Enterprise Resource Planning." SATESI: Jurnal Sains Teknologi dan Sistem Informasi 5, no. 1 (2025): 105–16. https://doi.org/10.54259/satesi.v5i1.3997.

Abstract:
Role-Based Access Control (RBAC) has become the main approach in improving data security in various information systems. This study analyzes the implementation of RBAC in the context of Enterprise Resource Planning (ERP) applications and cloud-based, mobile, and multi-domain systems. Using a systematic literature review (SLR) methodology, this study synthesizes findings from various studies to evaluate the effectiveness of RBAC in addressing challenges such as data privacy, regulatory compliance, and access policy complexity. The results show that the integration of intelligent technologies, such as machine learning (decision tree and random forest algorithms) for user behavior analysis, natural language processing for policy interpretation, and blockchain to record access activities with a security increase of up to 37%, can increase the flexibility and efficiency of RBAC, especially in detecting anomalies and managing dynamic policies. In addition, automation in RBAC deployments has been proven to reduce operational costs by 42% and management time by up to 65% compared to traditional manual approaches. However, RBAC implementation also faces significant challenges, including the need to adapt to complex regulations and the dynamics of a multi-domain environment. This research makes a theoretical contribution by expanding the understanding of the role of RBAC in modern data security management and offering practical recommendations for optimizing RBAC implementation. Thus, RBAC has proven to be a relevant and reliable model in answering data security needs in the digital era.
33

CHAE, S. h. "uT-RBAC: Ubiquitous Role-Based Access Control Model." IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences E89-A, no. 1 (2006): 238–39. http://dx.doi.org/10.1093/ietfec/e89-a.1.238.

34

Doaa, Abdelfattah, A. Hassan Hesham, and A. Omara Fatma. "Enhancing highly-collaborative access control system using a new role-mapping algorithm." International Journal of Electrical and Computer Engineering (IJECE) 12, no. 3 (2022): 2765–82. https://doi.org/10.11591/ijece.v12i3.pp2765-2782.

Abstract:
The collaboration among different organizations is considered one of the main benefits of moving applications and services to a cloud computing environment. Unfortunately, this collaboration raises many challenges such as the access of sensitive resources by unauthorized people. Usually, the role-based access control (RBAC) model is deployed in large organizations. The work in this paper mainly considers the authorization scalability problem, which arises due to the increase of shared resources and/or the number of collaborating organizations in the same cloud environment. Therefore, this paper proposes replacing the cross-domain RBAC rules with role-to-role (RTR) mapping rules among all organizations. The RTR mapping rules are generated using a newly proposed role-mapping algorithm. A comparative study has been performed to evaluate the performance of the proposed algorithm concerning the rule-store size and the authorization response time. According to the results, it is found that the proposed algorithm achieves more saving in the number of stored role-mapping rules, which minimizes the rule-store size and reduces the authorization response time. Additionally, the RTR model using the proposed algorithm has been implemented by applying a concurrent approach to achieve more saving in the authorization response time. Therefore, it would be suitable in highly-collaborative cloud environments.
35

War, War Myint, Phyu Phyu Mon Hlaing, Pa Win Pa, and Mar Naing Zin. "Bank's Roled Based Member Access Control." International Journal of Trend in Scientific Research and Development 3, no. 5 (2019): 1151–55. https://doi.org/10.5281/zenodo.3590567.

Abstract:
Today, banks are essential things for finance. Because of the services served by banks, transferring money from one place to another, saving money in many ways and others, banks' functions are very important. All data concerned with a bank are kept secure because of the financial cases. And bank staff's roles and permissions according to their positions are also important. If staff's duties and responsibilities are identified properly and correctly, the daily round of bank services can be operated efficiently. So, for the duties and responsibilities of bank staff to be truly served, duties should be assigned by their roles and permissions. Managing the staff, assigning duties and keeping the bank's confidential records effectively is a big hurdle these days. In this case, RBAC (role based access control) is the best way for controlling the security of staff's duties. RBAC is the standard innovation access control model and most important access control model, and provides a great way to fulfill the access control needs. In this study, bank staff's duties are controlled to be able to secure with RBAC. There are several factors that are related to the system, and the main ones are users, organization, positions, roles, tasks, processes, and rules or permissions. The design architecture is based on RBAC concepts; according to the concept, only the administrator has the privilege to manage or administer the data. She/he provides all types of privileges required to maintain users, their authorization and access, and the authorized resources. The administrator controls the largest information, including access to the bank staff's files, and has the sole access to all potential staff and their assigned duties. This study took into account the security access control, and security policies and methods integrated into the RBAC which is appropriate for the managing system of a bank. The goal of this system is to apply Role based Access Control on the bank transaction process.
War War Myint | Hlaing Phyu Phyu Mon | Pa Pa Win | Zin Mar Naing "Bank's Roled Based Member Access Control" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-5 , August 2019, URL: https://www.ijtsrd.com/papers/ijtsrd26533.pdf
36

Deng, Ji Qiu, Xiao Qing Luo, and Huang Ling Gu. "The Design and Implementation of G-RBAC Model in Map Permission." Advanced Materials Research 268-270 (July 2011): 1457–61. http://dx.doi.org/10.4028/www.scientific.net/amr.268-270.1457.

Abstract:
With the development of WebGIS, it plays a more and more important role in government and enterprises. An effective way to access and control spatial data, because it relates to the security and business secrets of government and enterprises, becomes an urgent concern for them. Now, RBAC (Role Based Access Control) can be a valid method to access and control uniform resources, but it lacks the flexibility and real-time ability to control spatial data in WebGIS. For that, this paper proposes the G-RBAC model, based on the RBAC model, to enhance the flexibility and real-time ability to access spatial data.
37

Charan Shankar Kummarapurugu. "Role-based access control in cloud-native applications: Evaluating best practices for secure multi-tenant Kubernetes environments." World Journal of Advanced Research and Reviews 1, no. 2 (2019): 045–53. http://dx.doi.org/10.30574/wjarr.2019.1.2.0008.

Abstract:
As cloud-native applications grow in complexity and adoption, particularly within multi-tenant Kubernetes environments, security and access control mechanisms are paramount. Role-Based Access Control (RBAC) is increasingly utilized as a critical security framework to manage permissions across users and services in these cloud-native platforms. However, implementing RBAC in Kubernetes presents unique challenges, especially in multi-tenant setups where robust access separation and efficient permission management are essential. This paper explores best practices for RBAC in multi-tenant Kubernetes environments, highlighting architectural design principles, potential vulnerabilities, and mitigation strategies. We propose an optimized RBAC model tailored for cloud-native applications, emphasizing role hierarchies, namespace isolation, and scalable access management. Our approach aims to enhance security by reducing the risk of privilege escalation and ensuring compliance with security policies across tenant boundaries. Experimental evaluation demonstrates the effectiveness of our model in minimizing security risks and providing scalable access control in Kubernetes clusters. These findings offer actionable insights for organizations seeking to secure cloud-native applications in shared and multi-tenant infrastructures.
38

Mowla, Saleh, Niharika Sinha, Raghavendra Ganiga, and Nisha P. Shetty. "Trust Enhanced Role Based Access Control Using Genetic Algorithm." International Journal of Electrical and Computer Engineering (IJECE) 8, no. 6 (2018): 4724. http://dx.doi.org/10.11591/ijece.v8i6.pp4724-4734.

Abstract:
Improvements in technological innovations have become a boon for business organizations, firms, institutions, etc. System applications are being developed for organizations whether small-scale or large-scale. Taking into consideration the hierarchical nature of large organizations, security is an important factor which needs to be taken into account. For any healthcare organization, maintaining the confidentiality and integrity of the patients’ records is of utmost importance while ensuring that they are only available to the authorized personnel. The paper discusses the technique of Role-Based Access Control (RBAC) and its different aspects. The paper also suggests a trust enhanced model of RBAC implemented with selection and mutation only ‘Genetic Algorithm’. A practical scenario involving healthcare organization has also been considered. A model has been developed to consider the policies of different health departments and how it affects the permissions of a particular role. The purpose of the algorithm is to allocate tasks for every employee in an automated manner and ensures that they are not over-burdened with the work assigned. In addition, the trust records of the employees ensure that malicious users do not gain access to confidential patient data.
39

Mowla, Saleh, Niharika Sinha, Raghavendra Ganiga, and Nisha P. Shetty. "Trust Enhanced Role Based Access Control Using Genetic Algorithm." International Journal of Electrical and Computer Engineering (IJECE) 8, no. 6 (2018): 4724–34. https://doi.org/10.11591/ijece.v8i6.pp4724-4734.

Abstract:
Improvements in technological innovations have become a boon for business organizations, firms, institutions, etc. System applications are being developed for organizations whether small-scale or large-scale. Taking into consideration the hierarchical nature of large organizations, security is an important factor which needs to be taken into account. For any healthcare organization, maintaining the confidentiality and integrity of the patients’ records is of utmost importance while ensuring that they are only available to the authorized personnel. The paper discusses the technique of Role-Based Access Control (RBAC) and its different aspects. The paper also suggests a trust enhanced model of RBAC implemented with selection and mutation only ‘Genetic Algorithm’. A practical scenario involving healthcare organization has also been considered. A model has been developed to consider the policies of different health departments and how it affects the permissions of a particular role. The purpose of the algorithm is to allocate tasks for every employee in an automated manner and ensures that they are not over-burdened with the work assigned. In addition, the trust records of the employees ensure that malicious users do not gain access to confidential patient data.
40

Sinha, Akash Rakesh. "Fortifying Application Security: Integrating OAuth2 Single Sign-On with Precision Role-Based Access Control." INTERNATIONAL JOURNAL OF SCIENTIFIC RESEARCH IN ENGINEERING AND MANAGEMENT 08, no. 11 (2024): 1–6. http://dx.doi.org/10.55041/ijsrem8458.

Abstract:
In today's digital era, securing applications has become paramount due to the increasing sophistication of cyber threats and the proliferation of data breaches. This paper explores how integrating OAuth2 Single Sign-On (SSO) with precision Role-Based Access Control (RBAC) can significantly enhance application security. By unifying authentication and authorization mechanisms, organizations can streamline user access while mitigating risks associated with over-privileged accounts and credential fatigue. We delve into the OAuth2 protocol architecture, dissect the core components of RBAC, and present strategies for their effective integration. Through real-world case studies and comparative analyses, we highlight the benefits, challenges, and future trends of this integration. Our findings underscore the necessity for robust security frameworks that adapt to evolving threats, emphasizing the role of OAuth2 SSO and RBAC in fortifying application security.
Keywords: Application Security, OAuth2, Single Sign-On, Role-Based Access Control, Authentication, Authorization, Identity Providers, JSON Web Tokens, Zero Trust Security, Adaptive Authentication, Machine Learning, Identity Management, User Experience, Credential Fatigue, Cyber Threats, Access Control
41

Penelova, Maria. "Hybrid Role and Attribute Based Access Control Applied in Information Systems." Cybernetics and Information Technologies 21, no. 3 (2021): 85–96. http://dx.doi.org/10.2478/cait-2021-0031.

Abstract:
In this paper, a new access control model is proposed – Hybrid Role and Attribute Based Access Control (HRABAC). It is an extension of Role-Based Access Control (RBAC). HRABAC is designed for information systems and enterprise software and combines the advantages of RBAC and Attribute-Based Access Control (ABAC). HRABAC is easily configurable, fine-grained and supports role hierarchies. The proposed model HRABAC describes the access control scheme in the Laravel package laravelroles/rolespermissions, which is developed by the author of the paper as an answer to the practical requirement for a fine-grained and easily configurable access control solution. Laravel is chosen because it is the most popular and the most widely used PHP framework. The package laravelroles/rolespermissions is developed on Laravel so that the maximum number of programmers could use it. This package contains working and tested functionalities for managing users, roles and permissions, and it is applied in an accounting information system.
42

Dia, Ousmane Amadou, and Csilla Farkas. "Business Driven User Role Assignment." International Journal of Information Security and Privacy 7, no. 1 (2013): 45–62. http://dx.doi.org/10.4018/jisp.2013010104.

Abstract:
The authors propose a business-oriented approach to support accurate and dynamic user-role assignments for the Role Based Access Control (RBAC) model. Their model, called Business-Driven Role Based Access Control (BD-RBAC), is composed of three layers. The first layer extends the RBAC model with the concepts of business roles, system roles, credentials, and users’ capabilities. The second layer dynamically assigns users to business and system roles, and filters outdated (abnormal) user-role assignments. The third layer supports exception handling and partial authorization. The novel aspect of the work is the adaptation of RBAC-based access control systems to changes in organizational needs, while reducing the burden of security administration. To this end, the authors have (1) developed a series of algorithms to compute internal and external user-role assignments based on organizational policies, users’ requests and capabilities, and (2) shown that their outputs are permissible, i.e., a legitimate user is authorized to activate the role, complete, i.e., a legitimate user can activate the roles necessary to perform all the requested tasks, and minimal, i.e., a legitimate user does not receive any non-authorized or not-needed privileges.
43

Li, Yunliang, Zhiqiang Du, Yanfang Fu, and Liangxin Liu. "Role-Based Access Control Model for Inter-System Cross-Domain in Multi-Domain Environment." Applied Sciences 12, no. 24 (2022): 13036. http://dx.doi.org/10.3390/app122413036.

Abstract:
Information service platforms or management information systems of various institutions or sectors of enterprises are gradually interconnected to form a multi-domain environment. A multi-domain environment is convenient for managers to supervise and manage systems, and for users to access data across domains and systems. However, given the complex multi-domain environment and many users, the traditional or enhanced role-based access control (RBAC) model still faces some challenges. It is necessary to address issues such as role naming conflicts, platform–domain management conflicts, inter-domain management conflicts, and cross-domain sharing difficulties. For the above problems, a role-based access control model for inter-system cross-domain in multi-domain environment (RBAC-IC) is proposed. This paper formally defines the model, divides roles into abstract roles and specific roles, and designs the operating process of the access control model. The model has four characteristics: support for role name repetition, platform–domain isolation management, inter-domain isolation management, and fine-grained cross-domain sharing. By establishing security violation formulas for security analysis, it is finally shown that RBAC-IC can operate safely.
44

Yastrebov, Ilia. "Role-Based Access Control for the Large Hadron Collider at CERN." International Journal of Computers Communications & Control 5, no. 3 (2010): 398. http://dx.doi.org/10.15837/ijccc.2010.3.2491.

Abstract:
The Large Hadron Collider (LHC) is the largest scientific instrument ever created. It was built with the intention of testing the most extreme conditions of matter. Taking into account the significant dangers of LHC operations, the European Organization for Nuclear Research (CERN) has developed a multi-pronged approach for machine safety, including an access control system. This system is based on the role-based access control (RBAC) concept. It was designed to protect from accidental and unauthorized access to the LHC and injector equipment. This paper introduces the new model of role-based access control developed at CERN and gives a detailed mathematical description of it. We propose a new technique called dynamic authorization that allows deploying RBAC gradually in large systems. Moreover, we show how the protection for the very large distributed equipment control system may be implemented in an efficient way. This paper also describes the motivation of the project, requirements and an overview of the main components: authentication and authorization.
45

Qin, Sheng Jun, and Ken E. Li. "The Research of Group Hierarchy Access Control in E-Government System." Advanced Materials Research 834-836 (October 2013): 1840–43. http://dx.doi.org/10.4028/www.scientific.net/amr.834-836.1840.

Abstract:
In order to meet the requirements of an E-Government System with complex user relationships and diversified business processes, this paper proposes an advanced RBAC model named Group Hierarchy Role-Based Access Control (GH-RBAC). In this model, traditional user-role assignment has been reformed into multilayer user-group to role-group assignment, which improves the scalability and adaptability of access control. Finally, we design and implement the extended model, which emphasizes the way to carry out the access control module with low coupling.
46

Han, Gui Ying, and Xi Zuo Li. "The Implementation of Rights Management of Network Teaching Platform with Role-Based Access Control." Applied Mechanics and Materials 433-435 (October 2013): 1603–8. http://dx.doi.org/10.4028/www.scientific.net/amm.433-435.1603.

Abstract:
To address the system security risks of multiple administrators managing the network teaching platform, role-based access control (RBAC) from the ThinkPHP framework is used to implement the rights management of the network teaching platform. Teachers or administrators can access only the related function modules or methods authorized by the super administrator. It facilitates the rights management of the network teaching platform and makes a clear division of work for the multiple administrators and more scientific management of the platform. Practice shows that RBAC-based rights management for the network teaching platform is simple, practical and has a good application value.
47

Cruz, Jason Paul, Yuichi Kaji, and Naoto Yanai. "RBAC-SC: Role-Based Access Control Using Smart Contract." IEEE Access 6 (2018): 12240–51. http://dx.doi.org/10.1109/access.2018.2812844.

48

Patil, Suraj Krishna, Sandipkumar Chandrakant Sagare, and Alankar Shantaram Shelar. "Use of Purpose and Role Based Access Control Mechanisms to Protect Data Within RDBMS." International Journal of Software Innovation 8, no. 1 (2020): 82–91. http://dx.doi.org/10.4018/ijsi.2020010105.

Abstract:
Privacy is the key factor in handling personal and sensitive data, which, in large chunks, is stored by database management systems (DBMS). It provides tools and mechanisms to access and analyze data within it. Privacy preservation converts original data into some unknown form, thus protecting personal and sensitive information. Different access control mechanisms, such as discretionary access control and mandatory access control, are used in DBMS. However, they hardly consider purpose and role-based access control in DBMS, which incorporates policy specification and enforcement. The role based access control (RBAC) regulates the access to resources based on the roles of individual users. Purpose based access control (PuBAC) regulates the access to resources based on the purpose for which data can be accessed. It regulates execution of queries based on purpose. The PuRBAC system uses the policies of both, i.e. PuBAC and RBAC, to enforce within RDBMS.
49

Arora, Amar, and Anjana Gosain. "Dynamic Trust Emergency Role-based Access Control (DTE-RBAC)." International Journal of Computer Applications 175, no. 24 (2020): 20–24. http://dx.doi.org/10.5120/ijca2020920773.

50

Fragkos, Georgios, Jay Johnson, and Eirini Eleni Tsiropoulou. "Centralized and Decentralized Distributed Energy Resource Access Control Implementation Considerations." Energies 15, no. 17 (2022): 6375. http://dx.doi.org/10.3390/en15176375.

Abstract:
A global transition to power grids with high penetrations of renewable energy generation is being driven in part by rapid installations of distributed energy resources (DER). New DER equipment includes standardized IEEE 1547-2018 communication interfaces and proprietary communications capabilities. Interoperable DER provides new monitoring and control capabilities. The existence of multiple entities with different roles and responsibilities within the DER ecosystem makes the Access Control (AC) mechanism necessary. In this paper, we introduce and compare two novel architectures, which provide a Role-Based Access Control (RBAC) service to the DER ecosystem’s entities. Selecting an appropriate RBAC technology is important for the RBAC administrator and users who request DER access authorization. The first architecture is centralized, based on the OpenLDAP, an open source implementation of the Lightweight Directory Access Protocol (LDAP). The second approach is decentralized, based on a private Ethereum blockchain test network, where the RBAC model is stored and efficiently retrieved via the utilization of a single Smart Contract. We have implemented two end-to-end Proofs-of-Concept (PoC), respectively, to offer the RBAC service to the DER entities as web applications. Finally, an evaluation of the two approaches is presented, highlighting the key speed, cost, usability, and security features.