We found a match
Your institution may have access to this item. Find your institution then sign in to continue.
- Title
Permission-Based Separation of Duty in Dynamic Role-Based Access Control Model.
- Authors
Aftab, Muhammad Umar; Qin, Zhiguang; Hundera, Negalign Wake; Ariyo, Oluwasanmi; Zakria; Son, Ngo Tung; Dinh, Tran Van
- Abstract
A major development in the field of access control is the dominant role-based access control (RBAC) scheme. The fascination of RBAC lies in its enhanced security along with the concept of roles. In addition, attribute-based access control (ABAC) is added to the access control models, which is famous for its dynamic behavior. Separation of duty (SOD) is used for enforcing least privilege concept in RBAC and ABAC. Moreover, SOD is a powerful tool that is used to protect an organization from internal security attacks and threats. Different problems have been found in the implementation of SOD at the role level. This paper discusses that the implementation of SOD on the level of roles is not a good option. Therefore, this paper proposes a hybrid access control model to implement SOD on the basis of permissions. The first part of the proposed model is based on the addition of attributes with dynamic characteristics in the RBAC model, whereas the second part of the model implements the permission-based SOD in dynamic RBAC model. Moreover, in comparison with previous models, performance and feature analysis are performed to show the strength of dynamic RBAC model. This model improves the performance of the RBAC model in terms of time, dynamicity, and automatic permissions and roles assignment. At the same time, this model also reduces the administrator's load and provides a flexible, dynamic, and secure access control model.
- Subjects
ACCESS control; INTERNAL security; DUTY; DYNAMIC models
- Publication
Symmetry (20738994), 2019, Vol 11, Issue 5, p669
- ISSN
2073-8994
- Publication type
Article
- DOI
10.3390/sym11050669