loading
Papers

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Chunren Lai 1 and Chang N. Zhang 2

Affiliations: 1 University of Regina, Canada ; 2 University of Regina, TRLabs, Canada

ISBN: 978-972-8865-63-4

Keyword(s): Principle of least privilege, role based access control, system security, user-role assignment.

Related Ontology Subjects/Areas/Topics: Access Control ; Data Engineering ; Databases and Data Security ; Information and Systems Security ; Internet Technology ; Web Information Systems and Technologies

Abstract: Role-based access control (RBAC) models ease security administration and reduce overheads by introducing roles between users and privileges. RBAC provides the possibility to enforce the principle of least privileges that a user should be assigned just enough privileges to complete his/her job in order to prevent the possible information leaking and other wrong doing. This paper defines several concepts to quantitatively measure how well a user-role assignment meets the principle of least privilege and presents algorithms to find the perfect user-role assignment (i.e., without bringing any extra privilege) and the optimal user-role assignment (i.e., limiting any extra privilege to the minimum). The proposed approach for the enforcement of the principle of least privilege is particularly useful for automatic generation of user-role assignment in large-scale RBAC systems.

PDF ImageFull Text

Download
CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 18.210.28.227

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Lai C.; N. Zhang C. and (2006). QUANTITATIVE ANALYSIS AND ENFORCEMENT OF THE PRINCIPLE OF LEAST PRIVILEGE IN ROLE-BASED ACCESS CONTROL.In Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2006) ISBN 978-972-8865-63-4, pages 69-74. DOI: 10.5220/0002100500690074

@conference{secrypt06,
author={Chunren Lai and Chang {N. Zhang}},
title={QUANTITATIVE ANALYSIS AND ENFORCEMENT OF THE PRINCIPLE OF LEAST PRIVILEGE IN ROLE-BASED ACCESS CONTROL},
booktitle={Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2006)},
year={2006},
pages={69-74},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002100500690074},
isbn={978-972-8865-63-4},
}

TY - CONF

JO - Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2006)
TI - QUANTITATIVE ANALYSIS AND ENFORCEMENT OF THE PRINCIPLE OF LEAST PRIVILEGE IN ROLE-BASED ACCESS CONTROL
SN - 978-972-8865-63-4
AU - Lai, C.
AU - N. Zhang, C.
PY - 2006
SP - 69
EP - 74
DO - 10.5220/0002100500690074

Login or register to post comments.

Comments on this Paper: Be the first to review this paper.