Trust-based dynamic RBAC

Tamir Lavi, Ehud Gudes

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

6 Scopus citations

Abstract

A prominent feature of almost every computerized system is the presence of an acceb control module. The Role Based Acceb Control (RBAC) model is among the most popular in both academic research and in practice, within actual implementation of many applications and computer infrastructures. The RBAC model simplifies the way that a system administrator controls the abignment of permibions to individuals by abigning permibions to roles and roles to users. The growth in web applications which enable the acceb of world-wide and unknown users, expose these applications to various attacks. This led few researchers to suggest ways to incorporate trust within RBAC to achieve even better control over the abignment of users to roles, and permibions within roles, based on the user trust level. In this work, we present a new trust-based RBAC model which improves and refines the abignment of permibions to roles with awareneb of the user trust and reputation. After describing the basic model, called TDRBAC for Trust-based Dynamic RBAC, we describe ways to deal with ibues like privacy-preservation and delegation of roles with the consideration of user's trust.

Original languageEnglish
Title of host publicationICISSP 2016 - Proceedings of the 2nd International Conference on Information Systems Security and Privacy
EditorsOlivier Camp, Steven Furnell, Paolo Mori
PublisherSciTePress
Pages317-324
Number of pages8
ISBN (Electronic)9789897581670
DOIs
StatePublished - 1 Jan 2016
Event2nd International Conference on Information Systems Security and Privacy, ICISSP 2016 - Rome, Italy
Duration: 19 Feb 201621 Feb 2016

Publication series

NameICISSP 2016 - Proceedings of the 2nd International Conference on Information Systems Security and Privacy

Conference

Conference2nd International Conference on Information Systems Security and Privacy, ICISSP 2016
Country/TerritoryItaly
CityRome
Period19/02/1621/02/16

Keywords

  • Privacy-Preservation
  • RBAC
  • Role Delegation
  • Trust-Based Acceb Control

ASJC Scopus subject areas

  • Computer Science Applications
  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications
  • Information Systems

Fingerprint

Dive into the research topics of 'Trust-based dynamic RBAC'. Together they form a unique fingerprint.

Cite this