• Title/Summary/Keyword: TCPBDM

Search Result 1, Processing Time 0.022 seconds

A Time Constraints Permission Based Delegation Model in RBAC (RBAC을 기반으로 하는 시간제한 권한 위임 모델)

  • Kim, Tae-Shik;Chang, Tae-Mu
    • Journal of the Korea Society of Computer and Information
    • /
    • v.15 no.11
    • /
    • pp.163-171
    • /
    • 2010

  • RBAC(Role-Based Access Control) has advantages in managing access controls, because it offers the role inheritance and separation of duty in role hierarchy structures. Delegation is a mechanism of assigning access rights to a user. RBDM0 and RDM2000 models deal with user-to-user delegation. The unit of delegation in them is a role. However, RBAC does not process delegation of Role or Permission effectively that occurs frequently in the real world. This paper proposes a Time Constraints Permission-Based Delegation Model(TCPBDM) that guarantees permanency of delegated permissions and does not violate security principle of least privilege and separation of duty. TCPBDM, based on the well-known RBAC96, supports both user-to-user and role-to-role delegation with time constraints. A delegator can give permission to a specific person, that is delegatee, and the permission can be withdrawn whenever the delegator wants. Our model is analyzed and shown to be effective in the present paper.

  • https://doi.org/10.9708/jksci.2010.15.11.163 인용 PDF KSCI