Conferences in Research and Practice in Information Technology
  

Online Version - Last Updated - 20 Jan 2012

 

 
Home
 

 
Procedures and Resources for Authors

 
Information and Resources for Volume Editors
 

 
Orders and Subscriptions
 

 
Published Articles

 
Upcoming Volumes
 

 
Contact Us
 

 
Useful External Links
 

 
CRPIT Site Search
 
    

Formal Authorisation Allocation Approaches for Permission-role Assignment Using Relational Algebra Operations

Wang, H., Zhang, Y. and Cao, J.

    In this paper, we develop formal authorization allocation algorithms for permission-role assignments. The formal approaches are based on relational structure, relational algebra and operations. The process of permission-role assignments is an important issue in role-based access control (RBAC) as it may modify the authorization level or imply high-level confidential information to be derived when roles are changed and request different permissions. There are two types of problems that may arise in permission-role assignments. One is related to authorization granting process. Conflicting permissions may be granted to a role, and as a result, users with the role may have or derive a high level of authority. Another is related to authorization revocation. When permission is revoked from a role, the role may still have the permissions from other roles. To solve the problems, this paper presents an authorization granting algorithm, and weak revocation and strong revocation algorithms that are based on relational algebra operations. The algorithms can be used to check conflicts and therefore to help allocate permissions without compromising the security in RBAC. We describe how to use the new algorithms with an anonymity scalable payment scheme. Finally, comparisons with other related work are discussed.
Cite as: Wang, H., Zhang, Y. and Cao, J. (2003). Formal Authorisation Allocation Approaches for Permission-role Assignment Using Relational Algebra Operations. In Proc. Fourteenth Australasian Database Conference (ADC2003), Adelaide, Australia. CRPIT, 17. Schewe, K.-D. and Zhou, X., Eds. ACS. 125-133.
pdf (from crpit.com) pdf (local if available) BibTeX EndNote GS
 

 

ACS Logo© Copyright Australian Computer Society Inc. 2001-2014.
Comments should be sent to the webmaster at crpit@scem.uws.edu.au.
This page last updated 16 Nov 2007