RACAC: An Approach toward RBAC and ABAC Combining Access Control
| Autor: | Sun Long, Li Yan |
|---|---|
| Rok vydání: | 2019 |
| Předmět: |
Flexibility (engineering)
Authentication business.industry Computer science Distributed computing Authorization 020206 networking & telecommunications Access control 0102 computer and information sciences 02 engineering and technology 01 natural sciences 010201 computation theory & mathematics 0202 electrical engineering electronic engineering information engineering Task analysis Role-based access control Privilege Management Infrastructure business |
| Zdroj: | 2019 IEEE 5th International Conference on Computer and Communications (ICCC). |
| DOI: | 10.1109/iccc47050.2019.9064301 |
| Popis: | Either RBAC or ABAC has its own advance and shortage in large enterprise applications, thus there is a need for a hybrid access control model which combines the merits of both models. By weighing the advantages and disadvantages of both models, this paper proposes an easy way to implement a general framework of hybrid access control which combines the merits of RBAC and ABAC. The model support dynamic authentication and authorization by using attribute policies which is based on the RBAC infrastructure framework. We give a case study to implementation and analyze the hybrid model RACAC. The experiments show that RACAC model overcomes many limitations of pure RBAC and ABAC, effectively lessens the complexity and enhances the flexibility of privilege management in fine-grained access control system compared to a pure RBAC or ABAC model. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|