| Presentation | 2009-12-16 Redesigning of a role hierarchy for role-based access control Yoshiharu ASAKURA, Yukikazu NAKAMOTO, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | Role-based access control (RBAC) is widely used as an access control mechanism in various computer systems. A role graph is a model that represents role hierarchies and is suitable for runtime deployment of RBAC in a computer system. In a previous work, we proposed an extended role graph that is suitable for designing role hierarchies. When an administrator wants to redesign a role hierarchy in a computer system, he or she has to redesign it with a role graph and, it is therefore difficult for him/her to redesign this. Here, we prove that a role graph can be transformed into any equivalent extended role graph by using extended equivalent transformation manipulations, which transform an extended role graph while preserving its equivalence. This enables an administrator to redesign a role hierarchy with an extended role graph. The main contribution of this paper is to explain how a role hierarchy can be easily redesigned. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | Role-based access control / extended role graph / equivalent transformation |
| Paper # | ISEC2009-79 |
| Date of Issue |
| Conference Information | |
| Committee | ISEC |
|---|---|
| Conference Date | 2009/12/9(1days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | |
| Chair | |
| Vice Chair | |
| Secretary | |
| Assistant | |
| Paper Information | |
| Registration To | Information Security (ISEC) |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | Redesigning of a role hierarchy for role-based access control |
| Sub Title (in English) | |
| Keyword(1) | Role-based access control |
| Keyword(2) | extended role graph |
| Keyword(3) | equivalent transformation |
| 1st Author's Name | Yoshiharu ASAKURA |
| 1st Author's Affiliation | System Platforms Research Laboratories, NEC Corporation:Graduate School of Applied Informatics, University of Hyogo() |
| 2nd Author's Name | Yukikazu NAKAMOTO |
| 2nd Author's Affiliation | Graduate School of Applied Informatics, University of Hyogo |
| Date | 2009-12-16 |
| Paper # | ISEC2009-79 |
| Volume (vol) | vol.109 |
| Number (no) | 337 |
| Page | pp.pp.- |
| #Pages | 7 |
| Date of Issue | |