期刊名称:Journal of Theoretical and Applied Information Technology
印刷版ISSN:1992-8645
电子版ISSN:1817-3195
出版年度:2015
卷号:76
期号:3
出版社:Journal of Theoretical and Applied
摘要:In Dynamic Environments such as World Wide Web, Role Based Access Control (RBAC) has been one of the challenging factors. In RBAC, wide ranges of authorized task have been carried out by the users for regulating the user�s action dynamically. Regulating access to computers or network resources is based on individual user within an enterprise. To define the roles, enterprises use authority, responsibility, job competency, etc. When the need arises, the administrator can provide the service access to users. An authorized user may misuse the granted permissions purposely or unfortunately, even though the policies are assigned correctly to them. Most of the enterprise databases are stored over the web. Many web databases are vulnerable to misuse by the authorized users. To avoid such issues, this paper proposes a framework using Budget-Aware Role Based Access Control (BARBAC). The issues can be overcome by providing budget and cost to the users for accessing the resources, where users are assigned with a limited budget; users pay the cost of permits they needed to access the resources. Much more desirable properties have been included in this framework to enhance the accessibility. Unassigned permissions are acquired by the users. The user�s misuse capability is also bounded by their allocated budget. It also provides a uniform mechanism to detect and prevent misuse.
