A composite RBAC approach for large, complex organizations

Authors: Teresa M. Neven, Josh A. Diosomito, Joon S. Park, Keith P. Costello
Year of publication: 2004
Subject:
Source: SACMAT
DOI: 10.1145/990036.990063
Description: Secure and effective access control is critical to sensitive organizations, especially when multiple organizations are working together using diverse systems. To alleviate the confusion and challenges of redundancy in such a large, complex organization, in this paper we introduce a composite role-based access control (RBAC) approach, by separating the organizational and system role structures and by providing the mapping between them. This allows for the explicit identification and separation of organizational and target-system roles, role hierarchies, role assignments, constraints, and role activations, with an attempt to bridge the gap between the organizational and system role structures. The composite RBAC approach supports scalable and reusable RBAC mechanisms for large, complex organizations. Our research explores the newly created Department of Homeland Security (DHS) as a large, complex organization in which the Composite RBAC can be applied.
Database: OpenAIRE