HP Labs Technical Reports
Click here for full text:
Towards a More Complete Model of Role
Goh, Cheh; Baldwin, Adrian
Keyword(s): role-based; access control; RBAC, management, constraint-based; subsidiarity
Abstract: In order to manage the use of roles for the purpose of access control, it is important to look at attributes beyond the consideration of capability assignment. Fundamentally, a generic attribute description using a constraint-based approach will allow many of the important aspects of role, such as scope, activation and deactivation, to be included. Furthermore, the commonly accepted concept of role hierarchy is challenged from the point of view of subsidiarity in real organisations, with the suggestion that role hierarchy has limited usefulness that does not seem to apply widely.
Back to Index