An ORACLE Implementation of the PRA97 Model for Permission-Role Assignment Ravi Sandhu Venkata Bhamidipati George Mason University.

Slides:



Advertisements
Similar presentations
Cyber-Identity, Authority and Trust in an Uncertain World
Advertisements

Role Based Access Control
Access Control Prof. Ravi Sandhu Executive Director and Endowed Chair
Cyber-Identity and Authorization in an Uncertain World Ravi Sandhu Laboratory for Information Security Technology Department of Information.
1 Framework for Role-Based Delegation Models (RBDMs) By: Ezedin S.Barka and Ravi Sandhu Laboratory Of Information Security Technology George Mason University.
FRAMEWORK FOR AGENT-BASED ROLE DELEGATION Presentation by: Ezedin S. Barka UAE University.
© 2004 Ravi Sandhu Role-Based Access Control Prof. Ravi Sandhu Laboratory for Information Security Technology George Mason University.
INFS 767 Fall 2003 The RBAC96 Model Prof. Ravi Sandhu George Mason University.
Role-Based Access Control Prof. Ravi Sandhu George Mason University and NSD Security SACMAT 2003.
1 SACMAT 2002 © Oh and Sandhu 2002 A Model for Role Administration Using Organization Structure Sejong Oh Ravi Sandhu * George Mason University.
ARBAC99 (Model for Administration of Roles)
Ravi Sandhu Venkata Bhamidipati
PBDM: A Flexible Delegation Model in RBAC Xinwen Zhang, Sejong Oh George Mason University Ravi Sandhu George Mason University and NSD Security.
ARBAC 97 (ADMINISTRATIVE RBAC)
Role Activation Hierarchies Ravi Sandhu George Mason University.
ACCESS CONTROL: THE NEGLECTED FRONTIER Ravi Sandhu George Mason University.
ROLE HIERARCHIES AND CONSTRAINTS FOR LATTICE-BASED ACCESS CONTROLS
SECURING CYBERSPACE: THE OM-AM, RBAC AND PKI ROADMAP Prof. Ravi Sandhu Laboratory for Information Security Technology George Mason University
How to do Discretionary Access Control Using Roles Ravi Sandhu Qamar Munawer.
Institute for Cyber Security ASCAA Principles for Next-Generation Role-Based Access Control Ravi Sandhu Executive Director and Endowed Chair Institute.
Future Directions in Role-Based Access Control Models Ravi Sandhu Co-Founder and Chief Scientist SingleSignOn.Net & Professor of Information Technology.
Gail-Joon Ahn and Ravi Sandhu George Mason University Myong Kang and Joon Park Naval Research Laboratory Injecting RBAC to Secure a Web-based Workflow.
ENGINEERING AUTHORITY AND TRUST IN CYBERSPACE: A ROLE-BASED APPROACH Prof. Ravi Sandhu Laboratory for Information Security Technology George Mason University.
ISA 662 RBAC-MAC-DAC Prof. Ravi Sandhu. 2 © Ravi Sandhu RBAC96 ROLES USER-ROLE ASSIGNMENT PERMISSIONS-ROLE ASSIGNMENT USERSPERMISSIONS... SESSIONS ROLE.
© 2006 Ravi Sandhu Cyber-Identity, Authority and Trust Systems Prof. Ravi Sandhu Professor of Information Security and Assurance Director,
A Role-Based Delegation Model and some extensions By: Ezedin S.Barka Ravi Sandhu George Mason University.
ROLE-BASED ACCESS CONTROL: A MULTI-DIMENSIONAL VIEW Ravi Sandhu, Edward Coyne, Hal Feinstein and Charles Youman Seta Corporation McLean, VA Ravi Sandhu.
A THREE TIER ARCHITECTURE FOR ROLE-BASED ACCESS CONTROL Ravi Sandhu and Hal Feinstein Seta Corporation McLean, VA Ongoing NIST-funded project Other Project.
INFS 767 Fall 2003 Administrative RBAC
© 2005 Ravi Sandhu Permissions and Inheritance (best viewed in slide show mode) Ravi Sandhu Laboratory for Information Security Technology.
© 2005 Ravi Sandhu Administrative Scope (best viewed in slide show mode) Ravi Sandhu Laboratory for Information Security Technology George.
© 2005 Ravi Sandhu Administrative Scope (continued) (best viewed in slide show mode) Ravi Sandhu Laboratory for Information Security Technology.
© 2005 Ravi Sandhu Role Usage and Activation Hierarchies (best viewed in slide show mode) Ravi Sandhu Laboratory for Information Security.
OM-AM and RBAC Ravi Sandhu * Laboratory for Information Security Technology (LIST) George Mason University.
Engineering Authority and Trust in Cyberspace: The OM-AM and RBAC Way Prof. Ravi Sandhu George Mason University
© 2005 Ravi Sandhu Access Control Hierarchies (best viewed in slide show mode) Ravi Sandhu Laboratory for Information Security Technology.
Buffer stocks to stabilise incomes P QO D a P1P1.
Supply and Demand: Market Equilibrium. Equilibrium When supply = demand, there is equilibrium in the market Equilibrium creates a single price and quantity.
ROLE BASED ACCESS CONTROL
The RBAC96 Model Prof. Ravi Sandhu. 2 © Ravi Sandhu WHAT IS RBAC?  multidimensional  open ended  ranges from simple to sophisticated.
Access Control RBAC Database Activity Monitoring.
Role Based Access Control Venkata Marella. Access Control System Access control is the ability to permit or deny the use of a particular resource by a.
Role Based Access Control Models Presented By Ankit Shah 2 nd Year Master’s Student.
US Army Corps of Engineers November 2007 Access Control.
1 A Role Based Administration Model For Attribute Xin Jin, Ram Krishnan, Ravi Sandhu SRAS, Sep 19, 2012 World-Leading Research with Real-World Impact!
1 Grand Challenges in Authorization Systems Prof. Ravi Sandhu Executive Director and Endowed Chair November 14, 2011
User Management Implementation at UCL Mike Haward April 2015 Version 1.0.
Advanced Databases DBA: Security 1. Advanced Databases Agenda Understand the need for security. Learn about System Permissions and Object permissions.
CSCE 201 Introduction to Information Security Fall 2010 Access Control Models.
Elaine van Bergen Bacchus van
Copyright © 2007, Oracle. All rights reserved. Implementing Role-Based Security.
Module 8: Implementing Group Policy. Overview Multimedia: Introduction to Group Policy Implementing Group Policy Objects Implementing GPOs on a Domain.
1 Role-Based Access Control (RBAC) Prof. Ravi Sandhu Executive Director and Endowed Chair January 29, © Ravi.
Role-Based Access Control (RBAC)
Institute for Cyber Security
Institute for Cyber Security An Attribute-Based Protection Model
Institute for Cyber Security
Institute for Cyber Security
Security Enhanced Administrative Role Based Access Control Models
Role-Based Access Control (RBAC)
مدل مديريتي كنترل دسترسي نقش مبنا
OM-AM and RBAC Ravi Sandhu*
RBAC-LBAC-DAC Prof. Ravi Sandhu.
Administration Module
Module 8: Implementing Group Policy
ASCAA Principles for Next-Generation Role-Based Access Control
Engineering Authority and Trust in Cyberspace: George Mason University
Role-Based Access Control George Mason University and
Assured Information Sharing
World-Leading Research with Real-World Impact!
Presentation transcript:

An ORACLE Implementation of the PRA97 Model for Permission-Role Assignment Ravi Sandhu Venkata Bhamidipati George Mason University

2 © Ravi Sandhu 1997 ARBAC97 DECENTRALIZES u user-role assignment (URA97) l ORACLE implementation in 1997 u permission-role assignment (PRA97) l ORACLE implementation in 1998 u role-role hierarchy n groups or user-only roles (extend URA97) n abilities or permission-only roles (extend PRA97) n UP-roles or user-and-permission roles (RRA97)

3 © Ravi Sandhu 1997 EXAMPLE ROLE HIERARCHY Employee (E) Engineering Department (ED) Project Lead 1 (PL1) Engineer 1 (E1) Production 1 (P1) Quality 1 (Q1) Director (DIR) Project Lead 2 (PL2) Engineer 2 (E2) Production 2 (P2) Quality 2 (Q2) PROJECT 2PROJECT 1

4 © Ravi Sandhu 1997 EXAMPLE ADMINISTRATIVE ROLE HIERARCHY Senior Security Officer (SSO) Department Security Officer (DSO) Project Security Officer 1 (PSO1) Project Security Officer 2 (PSO2)

5 © Ravi Sandhu 1997 PERMISSION-ROLE ASSIGNMENT u dual of user-role assignment u can-assign-permission can-revoke-permission u weak revoke strong revoke (propagates down)

6 © Ravi Sandhu 1997 PERMISSION-ROLE ASSIGNMENT CAN-ASSIGN-PERMISSION ARolePrereq CondRole Range PSO1PL1[E1,PL1) PSO2PL2[E2,PL2) DSOE1 E2[ED,ED] SSOPL1 PL2 [ED,ED] SSOED[E,E]

7 © Ravi Sandhu 1997 PERMISSION-ROLE ASSIGNMENT CAN-REVOKE-PERMISSION ARoleRole Range PSO1[E1,PL1] PSO2[E2,PL2] DSO(ED,DIR) SSO[ED,DIR]

8 © Ravi Sandhu 1997 ORACLE IMPLEMENTATION u assigns and revokes individual permissions to roles u can be extended to assign and revoke roles (permission-only abilities) to roles (UP-roles) l decentralization of permission-role assignment is probably more effective in this mode

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.