Authors:
Tamir Lavi
1
and
Ehud Gudes
2
Affiliations:
1
The Open University, Israel
;
2
The Open University and Ben-Gurion University, Israel
Keyword(s):
Trust-Based Access Control, RBAC, Privacy-Preservation, Role Delegation.
Related
Ontology
Subjects/Areas/Topics:
Access Control
;
Data Engineering
;
Databases and Data Security
;
Information and Systems Security
;
Internet Technology
;
Web Information Systems and Technologies
Abstract:
A prominent feature of almost every computerized system is the presence of an access control module. The Role Based Access Control (RBAC) model is among the most popular in both academic research and in practice, within actual implementation of many applications and computer infrastructures. The RBAC model simplifies the way that a system administrator controls the assignment of permissions to individuals by assigning permissions to roles and roles to users. The growth in web applications which enable the access of world-wide and unknown users, expose these applications to various attacks. This led few researchers to suggest ways to incorporate trust within RBAC to achieve even better control over the assignment of users to roles, and permissions within roles, based on the user trust level. In this work, we present a new trust-based RBAC model which improves and refines the assignment of permissions to roles with awareness of the user trust and reputation. After describing the basic
model, called TDRBAC for Trust-based Dynamic RBAC, we describe ways to deal with issues like privacy-preservation and delegation of roles with the consideration of user’s trust.
(More)