Role Activation Hierarchies - PowerPoint PPT Presentation

Slides: 17
Provided by: rav67
Transcript and Presenter's Notes

1
Role Activation Hierarchies
Ravi Sandhu, George Mason University
2
RBAC96
ROLE HIERARCHIES
USER-ROLE ASSIGNMENT
PERMISSION-ROLE ASSIGNMENT
ROLES
USERS
PERMISSIONS
SESSIONS
CONSTRAINTS
3
ROLE HIERARCHIES
  • Inheritance hierarchies
      • permission inheritance
      • user inheritance
  • Activation hierarchies
      • role membership versus role activation

4
EXAMPLE ROLE HIERARCHY INTERPRETATIONS
Director (DIR)
Project Lead 1 (PL1)
Project Lead 2 (PL2)
Production 1 (P1)
Quality 1 (Q1)
Production 2 (P2)
Quality 2 (Q2)
Engineer 1 (E1)
Engineer 2 (E2)
Engineering Department (ED)
PROJECT 2
PROJECT 1
Employee (E)
5
ALTERNATIVES
  • separate inheritance and activation hierarchies
      • this paper
  • single inheritance and activation hierarchy
      • most common approach, including RBAC96
  • activation hierarchy only, no inheritance
      • alternative identified in NIST RBAC model
  • inheritance hierarchy only, no activation hierarchy
      • does not seem to be useful

6
LBAC: LIBERAL *-PROPERTY
[Figure: surviving labels: Read, Write]
7
LBAC: LIBERAL *-PROPERTY DUAL ROLE SIMULATION
[Figure: surviving labels: M1W, M2W, Read, Write]
8
LBAC: STRICT *-PROPERTY
[Figure: surviving labels: Read, Write]
9
LBAC: STRICT *-PROPERTY DUAL ROLE SIMULATION
[Figure: surviving labels: LW, HW, M1W, M2W]
10
LBAC: STRICT *-PROPERTY SIMULATION BY PRIVATE ROLES
11
LBAC: STRICT *-PROPERTY SIMULATION BY PRIVATE ROLES
[Figure: surviving labels: HW, LW]
12
LBAC: STRICT *-PROPERTY SIMULATION BY PRIVATE ROLES
[Figure: surviving labels: HW, LW]
13
DYNAMIC SEPARATION OF DUTIES
  • Roles in dynamic SOD
      • cannot have common seniors in role inheritance hierarchy, but
      • can have common seniors in role activation hierarchy
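
An added sketch (not from the slides) of the dynamic SOD point above, in Python. The hierarchy edges (PL1 above P1 and Q1, then E1, ED, E) and the choice of P1/Q1 as the dynamic SOD pair are assumptions, since the slide diagrams did not survive; all function names are hypothetical.

```python
# Added illustration. Edges and the DSD pair are assumptions, not slide content.
INHERIT = {                      # inheritance hierarchy: senior -> direct juniors
    "P1": ["E1"], "Q1": ["E1"], "E1": ["ED"], "ED": ["E"],
}
ACTIVATE = {                     # activation hierarchy: adds PL1 above P1 and Q1
    "PL1": ["P1", "Q1"], **INHERIT,
}
DSD = [{"P1", "Q1"}]             # roles that must never be active in one session


def juniors(role, hierarchy):
    """Return the role plus every role reachable below it in the hierarchy."""
    seen, stack = set(), [role]
    while stack:
        r = stack.pop()
        if r not in seen:
            seen.add(r)
            stack.extend(hierarchy.get(r, []))
    return seen


def effective_roles(active, inherit):
    """Roles whose permissions a session holds: active roles plus inherited juniors."""
    out = set()
    for r in active:
        out |= juniors(r, inherit)
    return out


def dsd_violations(active, inherit, dsd=DSD):
    """DSD sets fully contained in the session's effective roles."""
    eff = effective_roles(active, inherit)
    return [pair for pair in dsd if pair <= eff]


def can_activate(member_of, role, session_active, activate, inherit, dsd=DSD):
    """Membership in a role authorizes activating it or any junior in the
    activation hierarchy, as long as the session stays free of DSD conflicts."""
    authorized = any(role in juniors(m, activate) for m in member_of)
    return authorized and not dsd_violations(session_active | {role}, inherit, dsd)


if __name__ == "__main__":
    # PL1 as a common senior in the inheritance hierarchy: one activation conflicts.
    print(dsd_violations({"PL1"}, ACTIVATE))
    # PL1 as a common senior only in the activation hierarchy: P1 or Q1, never both.
    print(can_activate({"PL1"}, "P1", set(), ACTIVATE, INHERIT))
    print(can_activate({"PL1"}, "Q1", {"P1"}, ACTIVATE, INHERIT))
```

Passing `ACTIVATE` as the inheritance argument models the single-hierarchy case, where a PL1 session inherits P1 and Q1 together and the constraint can never be satisfied by a PL1 member.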

14
EXAMPLE ROLE HIERARCHY INTERPRETATIONS
Director (DIR)
Project Lead 1 (PL1)
Project Lead 2 (PL2)
Production 1 (P1)
Quality 1 (Q1)
Production 2 (P2)
Quality 2 (Q2)
Engineer 1 (E1)
Engineer 2 (E2)
Engineering Department (ED)
PROJECT 2
PROJECT 1
Employee (E)
15
ACTIVATION HIERARCHIES
16
CONCLUSION
  • separate inheritance and activation hierarchies
      • this paper
  • single inheritance and activation hierarchy
      • most common approach, including RBAC96
  • activation hierarchy only, no inheritance
      • alternative identified in NIST RBAC model
  • inheritance hierarchy only, no activation hierarchy
      • does not seem to be useful