제어로봇시스템학회:학술대회논문집
- 2004.08a
- /
- Pages.1360-1364
- /
- 2004
Enhanced Role-Based Access Control Administration Tool
- Yenmunkong, Burin (Faculty of Information Technology, and Research Center for Communications and Information Technology (ReCCIT), King Mongkut's Institute of Technology Ladkrabang) ;
- Sathitwiriyawong, Chanboon (Faculty of Information Technology, and Research Center for Communications and Information Technology (ReCCIT), King Mongkut's Institute of Technology Ladkrabang)
- Published : 2004.08.25
Abstract
This paper propose an extended model for role-permission assignment based on locations called "Enhanced Role-Based Access Control (ERBAC03)". The proposed model is built upon the well-known RBAC model. Assigning permissions to role is considered too complex activity to accomplish directly. Instead we advocate breaking down this process into a number of steps. The concept of jobs and tasks is specifically introduced to facilitate role-permission assignment into a series of smaller steps. This model is suitable for any large organization that has many branches. Each branch consists of many users who work in difference roles. An administration tool has been developed to assist administrators with the administration of separation of duty requirements. It demonstrates how the specification of static requirements can be done based on "conflicting entities" paradigm. Static separation of duty requirements must be enforced in the administration environment. Finally, we illustrate how the ERBAC03 prototype is used to administer the separation of duty requirements.
Keywords