Severity Level of Permissions in Role-Based Access Control

@article{Belim2018SeverityLO,
  title={Severity Level of Permissions in Role-Based Access Control},
  author={S. Belim and N. F. Bogachenko and A. Kabanov},
  journal={2018 Dynamics of Systems, Mechanisms and Machines (Dynamics)},
  year={2018},
  pages={1-5}
}
The analysis of hidden channels of information leakage with respect to role-based access control includes monitoring of excessive permissions among users. It is not always possible to completely eliminate redundancy. The problem of ranking permissions arises in order to identify the most significant ones, for which redundancy is least desirable. A numerical characteristic that reflects the value or importance of permissions is called the "severity level". A number of heuristic assumptions have…
1 Citations
The Security Policies Optimization Problem for Composite Information Systems
  • S. Belim, S. Belim
  • Computer Science
  • 2020 International Multi-Conference on Industrial Engineering and Modern Technologies (FarEastCon)
  • 2020
TLDR
The problem of optimizing the security policy for a composite information system is formulated; a subject-object model of the information system is used, and the main problems of optimizing the composite security policy are formulated.

References

SHOWING 1-10 OF 28 REFERENCES
User authorization in a system with a role-based access control on the basis of the analytic hierarchy process
TLDR
The problem of optimal authorization of a user in a system with a role-based access control policy is considered and an algorithm for calculating weight coefficients is presented, based on the quantitative characteristics of the role graph and not dependent on subjective expert evaluations.
Budget-aware Role Based Access Control
TLDR
A novel Budget-aware Role Based Access Control (B-RBAC) model is proposed that extends RBAC with the explicit notion of budget and cost, where users are assigned a limited budget through which they pay for the cost of permissions they need.
CRiBAC: Community-centric role interaction based access control model
TLDR
This paper refines and extends the preliminary RiBAC model, which was proposed earlier to support secure interactions among agents, and extends it to CRiBAC to support community-based cooperation among agents to allow secure cooperation in MASs.
On the formalization and analysis of a spatio-temporal role-based access control model
TLDR
This work describes how each entity in the role-based access control model is affected by time and location and proposes constraints to express this, and shows how the formal semantics of the model can be expressed using graph-theoretic notation.
Role-Based Access Control Models
TLDR
Why RBAC is receiving renewed attention as a method of security administration and review is explained, a framework of four reference models developed to better understand RBAC is described, and the use of RBAC to manage itself is discussed.
Scalable automated symbolic analysis of administrative role-based access control policies by SMT solving
TLDR
This paper designs an automated analysis technique that can handle both a bounded and an unbounded number of users by adapting recent methods for the symbolic model checking of infinite state systems that use first-order logic and SMT solving techniques.
Role-Based Access Controls
TLDR
A type of non-discretionary access control - role-based access control (RBAC) that is more central to the secure processing needs of non-military systems than DAC is described.
Roles in information security - A survey and classification of the research area
TLDR
This survey revealed more than 1300 publications dealing with the application of sociological role theory in the context of Information Security up to now, with a categorization of the complete underlying set of publications into different classes.
A graph-based system for network-vulnerability analysis
TLDR
A graph-based tool can identify the set of attack paths that have a high probability of success (or a low effort cost) for the attacker, and is used to test the effectiveness of making configuration changes, implementing an intrusion detection system, etc.
Network Security Risk Assessment Based on Fuzzy Analytical Hierarchy Process
This paper proposes an evaluation method based on fuzzy analytic hierarchy process (FAHP) for network security risk assessment. The paper analyzes the network security risk factors. By paired…