Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

A Method for Visualizing and Managing Role-Based Policies on Identity-Based Systems

Published

Author(s)

David F. Ferraiolo, Serban I. Gavrila

Abstract

In recent years, numerous commercial and experimental Role-Based Access Control (RBAC) implementations have emerged. Central to several of these RBAC systems are administrative facilities for displaying and managing user/role and role/privileges, and their inheritance relationships. Although these systems provide a powerful and intuitive interface for navigating through and managing authorization data, they lack support for multiple inheritance of user and privilege relationships. As a consequence, these systems are limited in their expressive power in composing the role and role relations characteristic of the organization and business structures for which these roles are intended to model. In this paper wedescribe a graph centric RBAC implementation, referred to as the Role Control Center (RCC), that solves the multiple inheritance problem. RCC takes further advantage of multiple inheritance properties by introducing individual users directly into the role graph as user-roles. As such, RCC ensures uniform treatment of the privileges that are unique to a user and the privileges that are assigned to a role. In addition, RCC introduces the concept of a role view that is used in the delegation of administrative responsibilities, and for the instantiation of RBAC users and roles as users and groups on target systems.
Proceedings Title
5th ACM Workshop on Role Based Access Control
Conference Dates
July 26-27, 2000
Conference Location
Berlin,

Keywords

access control, authorization management, role-based access control

Citation

Ferraiolo, D. and Gavrila, S. (2000), A Method for Visualizing and Managing Role-Based Policies on Identity-Based Systems, 5th ACM Workshop on Role Based Access Control, Berlin, (Accessed April 15, 2024)
Created July 27, 2000, Updated February 19, 2017