Poster: trans-organizational role-based access control

Abstract

Role-Based Access Control (RBAC) is a powerful and versatile access control system for large-scale access control management within an organization. Most studies so far consider RBAC models that have a single consistent access control policy, which implicitly confines an RBAC system to one organization. However, many real-world requirements of access control span multiple organizations; thus, there is a need to design scalable RBAC models for such use cases. We propose a trans-organizational RBAC model that enables access control within and across organizations. A formal definition of trans-organizational RBAC is presented. We show that the model is scalable in a multi-organization setup, and does not require the creation of federations. Finally, a security issue in the model is identified and possible approaches to address this are discussed.

DOI: 10.1145/2046707.2093501

2 Figures and Tables

Cite this paper

@inproceedings{Mejia2011PosterTR, title={Poster: trans-organizational role-based access control}, author={Ramon Francisco Pacquiao Mejia and Yuichi Kaji and Hiroyuki Seki}, booktitle={ACM Conference on Computer and Communications Security}, year={2011} }