Presentation is loading. Please wait.

Presentation is loading. Please wait.

© 2005 Ravi Sandhu www.list.gmu.edu Administrative Scope (best viewed in slide show mode) Ravi Sandhu Laboratory for Information Security Technology George.

Published byJasmine Davies Modified over 10 years ago

Similar presentations

Presentation on theme: "© 2005 Ravi Sandhu www.list.gmu.edu Administrative Scope (best viewed in slide show mode) Ravi Sandhu Laboratory for Information Security Technology George."— Presentation transcript:

1 © 2005 Ravi Sandhu www.list.gmu.edu Administrative Scope (best viewed in slide show mode) Ravi Sandhu Laboratory for Information Security Technology George Mason University www.list.gmu.edu sandhu@gmu.edu

2 © 2005 Ravi Sandhu www.list.gmu.edu 2 Administrative Scope Jason Crampton and George Loizou. Administrative scope: A foundation for role-based administrative models. ACM Transactions on Information and System Security, Volume 6, Number 2, May 2003, pages 201-231. Several diagrams and text excerpts are taken directly from this paper.

3 © 2005 Ravi Sandhu www.list.gmu.edu 3 Administrative Scope

4 © 2005 Ravi Sandhu www.list.gmu.edu 4 Example Hierarchies

5 © 2005 Ravi Sandhu www.list.gmu.edu 5 Notation Immediate childrenImmediate parentsMinimal roles Maximal roles Junior rolesSenior roles

6 © 2005 Ravi Sandhu www.list.gmu.edu 6 Four Operations

7 © 2005 Ravi Sandhu www.list.gmu.edu 7 Semantics of Edge Operations

8 © 2005 Ravi Sandhu www.list.gmu.edu 8 Edge Insertion Anomaly YNNYNN NNYNNY AddEdge(DSO,PE1,QE1) Y

9 © 2005 Ravi Sandhu www.list.gmu.edu 9 Administrative Scope

10 © 2005 Ravi Sandhu www.list.gmu.edu 10 Evolving Administrative Scope Dynamic administrative scope Versus Static can-modify

11 © 2005 Ravi Sandhu www.list.gmu.edu 11 Administrative Scope r is an immediate child of r

12 © 2005 Ravi Sandhu www.list.gmu.edu 12 RHA Conditions for Four Operations These conditions always apply RHA1 Additional conditions may be imposed RHA2, RHA3, RHA4

13 © 2005 Ravi Sandhu www.list.gmu.edu 13 RHA1 Regular roles are also administrative roles A role administers roles in its administrative scope No further conditions Too permissive ED administers E

14 © 2005 Ravi Sandhu www.list.gmu.edu 14 RHA2 RHA1 plus Only roles explicitly designated as administrators can administer Say DIR, PL1, PL2 but not ED and the others

15 © 2005 Ravi Sandhu www.list.gmu.edu 15 RHA3

16 © 2005 Ravi Sandhu www.list.gmu.edu 16 RHA3

Download ppt "© 2005 Ravi Sandhu www.list.gmu.edu Administrative Scope (best viewed in slide show mode) Ravi Sandhu Laboratory for Information Security Technology George."

Similar presentations

Who Wants To Be A Millionaire?

Who Wants To Be A Millionaire?
Bellwork If you roll a die, what is the probability that you roll a 2 or an odd number? P(2 or odd) 2. Is this an example of mutually exclusive, overlapping,

Bellwork If you roll a die, what is the probability that you roll a 2 or an odd number? P(2 or odd) 2. Is this an example of mutually exclusive, overlapping,
Slide 1 Insert your own content. Slide 2 Insert your own content.

Slide 1 Insert your own content. Slide 2 Insert your own content.
Cyber-Identity, Authority and Trust in an Uncertain World

Cyber-Identity, Authority and Trust in an Uncertain World
Role Based Access Control

Role Based Access Control
1 ACSAC 2002 © Mohammad al-Kahtani 2002 A Model for Attribute-Based User-Role Assignment Mohammad A. Al-Kahtani Ravi Sandhu George Mason University SingleSignOn.net,

1 ACSAC 2002 © Mohammad al-Kahtani 2002 A Model for Attribute-Based User-Role Assignment Mohammad A. Al-Kahtani Ravi Sandhu George Mason University SingleSignOn.net,
© 2004 Ravi Sandhu www.list.gmu.edu The Schematic Protection Model (SPM) Ravi Sandhu Laboratory for Information Security Technology George Mason University.

© 2004 Ravi Sandhu The Schematic Protection Model (SPM) Ravi Sandhu Laboratory for Information Security Technology George Mason University.
© 2004 Ravi Sandhu www.list.gmu.edu The Safety Problem in Access Control HRU Model Ravi Sandhu Laboratory for Information Security Technology George Mason.

© 2004 Ravi Sandhu The Safety Problem in Access Control HRU Model Ravi Sandhu Laboratory for Information Security Technology George Mason.
1 Framework for Role-Based Delegation Models (RBDMs) By: Ezedin S.Barka and Ravi Sandhu Laboratory Of Information Security Technology George Mason University.

1 Framework for Role-Based Delegation Models (RBDMs) By: Ezedin S.Barka and Ravi Sandhu Laboratory Of Information Security Technology George Mason University.
© 2004 Ravi Sandhu www.list.gmu.edu A Perspective on Graphs and Access Control Models Ravi Sandhu Laboratory for Information Security Technology George.

© 2004 Ravi Sandhu A Perspective on Graphs and Access Control Models Ravi Sandhu Laboratory for Information Security Technology George.
FRAMEWORK FOR AGENT-BASED ROLE DELEGATION Presentation by: Ezedin S. Barka UAE University.

FRAMEWORK FOR AGENT-BASED ROLE DELEGATION Presentation by: Ezedin S. Barka UAE University.
INFS 767 Fall 2003 The RBAC96 Model Prof. Ravi Sandhu George Mason University.

INFS 767 Fall 2003 The RBAC96 Model Prof. Ravi Sandhu George Mason University.
1 SACMAT 2002 © Oh and Sandhu 2002 A Model for Role Administration Using Organization Structure Sejong Oh Ravi Sandhu * George Mason University.

1 SACMAT 2002 © Oh and Sandhu 2002 A Model for Role Administration Using Organization Structure Sejong Oh Ravi Sandhu * George Mason University.
ARBAC99 (Model for Administration of Roles)

ARBAC99 (Model for Administration of Roles)
Ravi Sandhu Venkata Bhamidipati

Ravi Sandhu Venkata Bhamidipati
© 2006 Ravi Sandhu www.list.gmu.edu Secure Information Sharing Enabled by Trusted Computing and PEI * Models Ravi Sandhu (George Mason University and TriCipher)

© 2006 Ravi Sandhu Secure Information Sharing Enabled by Trusted Computing and PEI * Models Ravi Sandhu (George Mason University and TriCipher)
ARBAC 97 (ADMINISTRATIVE RBAC)

ARBAC 97 (ADMINISTRATIVE RBAC)
1 TRANSACTION CONTROL EXPRESSIONS (TCEs) Ravi Sandhu.

1 TRANSACTION CONTROL EXPRESSIONS (TCEs) Ravi Sandhu.
Role Activation Hierarchies Ravi Sandhu George Mason University.

Role Activation Hierarchies Ravi Sandhu George Mason University.
ACCESS CONTROL: THE NEGLECTED FRONTIER Ravi Sandhu George Mason University.

ACCESS CONTROL: THE NEGLECTED FRONTIER Ravi Sandhu George Mason University.

Similar presentations

Ads by Google