Severity Level of Permissions in Role-Based Access Control

Authors: Sergey V. Belim, Nadezda F. Bogachenko, A. N. Kabanov
Published in: 2018 Dynamics of Systems, Mechanisms and Machines (Dynamics)

The analysis of hidden channels of information leakage in role-based access control includes monitoring for excessive permissions among users. It is not always possible to eliminate redundancy completely. The problem of ranking permissions therefore arises, in order to identify the most significant ones, for which redundancy is least desirable. A numerical characteristic that reflects the value or importance of a permission is called the "severity level". A number of heuristic assumptions have…
1 Citation

The Security Policies Optimization Problem for Composite Information Systems
  • S. Belim, S. Belim
  • Computer Science
    2020 International Multi-Conference on Industrial Engineering and Modern Technologies (FarEastCon)
  • 2020
The problem of optimizing the security policy for a composite information system is formulated, a subject-object model of the information system is used, and the main problems of optimizing the composite security policy are stated.


User authorization in a system with a role-based access control on the basis of the analytic hierarchy process
The problem of optimal authorization of a user in a system with a role-based access control policy is considered and an algorithm for calculating weight coefficients is presented, based on the quantitative characteristics of the role graph and not dependent on subjective expert evaluations.
On the formalization and analysis of a spatio-temporal role-based access control model
This work describes how each entity in the role-based access control model is affected by time and location and proposes constraints to express this, and shows how the formal semantics of the model can be expressed using graph-theoretic notation.
Role-Based Access Control Models
Why RBAC is receiving renewed attention as a method of security administration and review is explained, a framework of four reference models developed to better understand RBAC is described, and the use of RBAC to manage itself is discussed.
Scalable automated symbolic analysis of administrative role-based access control policies by SMT solving
This paper designs an automated analysis technique that can handle both a bounded and an unbounded number of users by adapting recent methods for the symbolic model checking of infinite state systems that use first-order logic and SMT solving techniques.
Role-Based Access Controls
A type of non-discretionary access control - role-based access control (RBAC) that is more central to the secure processing needs of non-military systems than DAC is described.
A graph-based system for network-vulnerability analysis
A graph-based tool can identify the set of attack paths that have a high probability of success (or a low effort cost) for the attacker, and is used to test the effectiveness of making configuration changes, implementing an intrusion detection system, etc.
Network Security Risk Assessment Based on Fuzzy Analytical Hierarchy Process
An evaluation method based on fuzzy analytic hierarchy process (FAHP) for network security risk assessment is proposed and it provides a reliable basis for security risk control strategy of network security staff.