By Topic

Role Based Access Control in Distributed Object Systems

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Enokido, T. ; Rissho Univ., Tokyo ; Takizawa, M.

The role-based access control (RBAC) model is widely used to make information systems secure. Even if every access request is authorized, illegal information flow might occur as the well known confinement problem. In this paper, we discuss how prevent illegal information flow to occur by synchronizing onflicting transactions in the RBAC model. We first define types of information flow relations, legal (LIF), illegal (IIF), and possibly illegal (PIF) ones R1 rArr R2, R1 rarr R2, and R1 rarr R2 among a pair of role families R1 and R2, respectively. Here, let T1 and T2 be a pair of transactions with role families R1 and R2, respectively. Suppose T1 precedes T2 in a schedule, i.e. for every pair of conflicting methods op1 and op2 from T1 and T2, respectively, op1 is performed prior to op2. Here, if the LIF relation R1 rArr R2 holds, no illegal information flow occur. If R1 rarr R2, illegal information flow necessarily occur. R1 rarr R2 implies that illegal information flow might occur depending on in which order the transactions perform what methods.

Published in:

Distributed Computing Systems Workshops, 2008. ICDCS '08. 28th International Conference on

Date of Conference:

17-20 June 2008