Abstract
Role-based access control (RBAC) has significantly simplified the management of users and permissions in computing systems. In dynamic environments, systems are subject to changes, so that the associated configurations need to be updated accordingly in order to reflect the systems' evolution. Access control update is complex, especially for large-scale systems; because the updated system is expected to meet necessary constraints. This paper presents a tool, RoleUpdater, which answers administrators' high-level update request for role-based access control systems. RoleUpdater is able to automatically check whether a required update is achievable and, if so, to construct a reference model. In light of this model, administrators could fulfill the changes to RBAC systems. RoleUpdater is able to cope with practical update requests, e.g., that include role hierarchies and administrative rules in effect. Moreover, RoleUp-dater can also provide minimal update in the sense that no redundant changes are implemented.
| Original language | English |
|---|---|
| Title of host publication | Proceedings of LISA '10: 24th Large Installation System Administration Conference, November 7-12, 2010, San Jose, California |
| Publisher | USENIX Association |
| Pages | 59-73 |
| Number of pages | 15 |
| Publication status | Published - 2010 |
| Event | Large Installation System Administration Conference - Duration: 7 Nov 2010 → … |
Conference
| Conference | Large Installation System Administration Conference |
|---|---|
| Period | 7/11/10 → … |