Managing Role/Permission Relationships Using Object Access Types
John Barkley, Anthony V. Cincotta
The role metaphor in Role Based Access Control (RBAC) is particularly powerful in its ability to express access policy in terms of the way in which administrators view organizations. Much of the effort in providing administrative tools for RBAC has been devoted to tools for associating users with roles and roles with roles. This paper introduces the concept of an "Object Access Type" and describes the tool "RGP-Admin" for administering associations between roles and permissions using Object Access Types. RGP-Admin is applicable to most RBAC mechanisms and Access Control List mechanisms which support groups. A prototype demonstration of RGPAdmin was developed to illustrate how Object Access Types are used to manage associations between Windows NT groups, representing roles, and file permissions within the Windows NT File System.
Proceedings of the 3rd ACM Workshop on Role-Based Access Control (RBAC '98)
October 22-23, 1998
3rd ACM Workshop on Role-Based Access Control (RBAC '98)
and Cincotta, A.
Managing Role/Permission Relationships Using Object Access Types, Proceedings of the 3rd ACM Workshop on Role-Based Access Control (RBAC '98), Fairfax, VA, [online], https://doi.org/10.1145/286884.286901
(Accessed December 4, 2023)