QUANTITATIVE ANALYSIS AND ENFORCEMENT OF THE PRINCIPLE OF LEAST PRIVILEGE IN ROLE-BASED ACCESS CONTROL

Chunren Lai; Chang N. Zhang

Research.Publish.Connect.

*Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Country:
Subject:

Advanced Search Affiliations Search

If you're looking for an exact phrase use quotation marks on text fields.

Proceedings

Proceedings Search *Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

Papers

Papers Search *Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

Authors

Authors Search *Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

Advanced Search

Paper

QUANTITATIVE ANALYSIS AND ENFORCEMENT OF THE PRINCIPLE OF LEAST PRIVILEGE IN ROLE-BASED ACCESS CONTROL

Topics: Access Control in Computing Environments

In Proceedings of the International Conference on Security and Cryptography - Volume 0ICETE, 69-74, 2006 , Setúbal, Portugal

Authors: Chunren Lai ¹ and Chang N. Zhang ²

Affiliations: ¹ University of Regina, Canada ; ² University of Regina, TRLabs, Canada

Keyword(s): Principle of least privilege, role based access control, system security, user-role assignment.

Related Ontology Subjects/Areas/Topics: Access Control ; Data Engineering ; Databases and Data Security ; Information and Systems Security ; Internet Technology ; Web Information Systems and Technologies

Abstract: Role-based access control (RBAC) models ease security administration and reduce overheads by introducing roles between users and privileges. RBAC provides the possibility to enforce the principle of least privileges that a user should be assigned just enough privileges to complete his/her job in order to prevent the possible information leaking and other wrong doing. This paper defines several concepts to quantitatively measure how well a user-role assignment meets the principle of least privilege and presents algorithms to find the perfect user-role assignment (i.e., without bringing any extra privilege) and the optimal user-role assignment (i.e., limiting any extra privilege to the minimum). The proposed approach for the enforcement of the principle of least privilege is particularly useful for automatic generation of user-role assignment in large-scale RBAC systems.

CC BY-NC-ND 4.0

Guest: Register as new SciTePress user now for free.

SciTePress user: please login.

My Papers

You are not signed in, therefore limits apply to your IP address 3.15.235.196

In the current month:

Recent papers: 100 available of 100 total

2⁺ years older papers: 200 available of 200 total

Paper citation in several formats:

Lai, C. and N. Zhang, C. (2006). QUANTITATIVE ANALYSIS AND ENFORCEMENT OF THE PRINCIPLE OF LEAST PRIVILEGE IN ROLE-BASED ACCESS CONTROL. In Proceedings of the International Conference on Security and Cryptography (ICETE 2006) - SECRYPT; ISBN 978-972-8865-63-4; ISSN 2184-3236, SciTePress, pages 69-74. DOI: 10.5220/0002100500690074

@conference{secrypt06,
author={Chunren Lai. and Chang {N. Zhang}.},
title={QUANTITATIVE ANALYSIS AND ENFORCEMENT OF THE PRINCIPLE OF LEAST PRIVILEGE IN ROLE-BASED ACCESS CONTROL},
booktitle={Proceedings of the International Conference on Security and Cryptography (ICETE 2006) - SECRYPT},
year={2006},
pages={69-74},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002100500690074},
isbn={978-972-8865-63-4},
issn={2184-3236},
}

TY - CONF

JO - Proceedings of the International Conference on Security and Cryptography (ICETE 2006) - SECRYPT
TI - QUANTITATIVE ANALYSIS AND ENFORCEMENT OF THE PRINCIPLE OF LEAST PRIVILEGE IN ROLE-BASED ACCESS CONTROL
SN - 978-972-8865-63-4
IS - 2184-3236
AU - Lai, C.
AU - N. Zhang, C.
PY - 2006
SP - 69
EP - 74
DO - 10.5220/0002100500690074
PB - SciTePress