期刊名称:International Journal of Computer Science and Security (IJCSS)
电子版ISSN:1985-1553
出版年度:2008
卷号:2
期号:4
页码:28-42
出版社:Computer Science Journals
摘要:Hierarchical representation is a natural way of organizing roles in role-based access control systems. Besides its advantages of providing a way of establishing parent-child relationships among different roles, it also provides a facility to design and organize context dependant application roles that users may activate depending on their current context (spatial, temporal) conditions. In this paper, we show that if spatial roles are organized in hierarchical relationships, it can cause the problem of disambiguation in making access control decisions especially when the user moves from one location to another location frequently in a single transaction and a single session. We extend our work of Contextual Role-Based Access Control (C-RBAC) by introducing hierarchical relationship among subject, location and purpose roles and solve the disambiguation problem in hierarchy by considering user motion direction and his/her context roles (spatial and spatial purpose) in order to make more fine grained and better access control decisions.
