HP Labs Technical Reports



Click here for full text: Postscript PDF

Towards a More Complete Model of Role

Goh, Cheh; Baldwin, Adrian

HPL-98-92

Keyword(s): role-based; access control; RBAC, management, constraint-based; subsidiarity

Abstract: In order to manage the use of roles for the purpose of access control, it is important to look at attributes beyond the consideration of capability assignment. Fundamentally, a generic attribute description using a constraint-based approach will allow many of the important aspects of role, such as scope, activation and deactivation, to be included. Furthermore, the commonly accepted concept of role hierarchy is challenged from the point of view of subsidiarity in real organisations, with the suggestion that role hierarchy has limited usefulness that does not seem to apply widely.

8 Pages

Back to Index

[Research] [News] [Tech Reports] [Palo Alto] [Bristol] [Japan] [Israel] [Site Map][Home] [Hewlett-Packard]