Db1 a role can be assigned to one or more prms

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: amp;on 1. Core RBAC. •  •  •  •  •  •  •  •  •  •  •  •  USERS, ROLES, OPS, and OBS (users, roles, operaIons, and objects, respecIvely). UA USERS ROLES, a many- to- many mapping user- to- role assignment relaIon. assigned users: (r:ROLES) →2^USERS, the mapping of role r onto a set of users. Formally: assigned_users(r) = {u ε USERS (u, r) ε UA}. PRMS = 2 ^ (OPS xOBS), the set of permissions. PA ⊆ PRMS x ROLES, a many- to- many mapping permission- to- role assignment relaIon. assigned permissions(r: ROLES) → 2^PRMS, the mapping of role r onto a set of permissions. Formally: assigned permissions(r) = {u ε PRMS (p, r) ε PA}. Ob(p: PRMS) →{op ⊆ OPS}, the permission- to- operaIon mapping, which gives the set of operaIons associated with permission p. Ob(p: PRMS) → {ob ⊆ OBS}, the permission- to- object mapping, which give the set of objects associated with permission p. SESSIONS, the set of sessions. user sessions (u: USERS) → 2^SESSIONS, the mapping of user u onto a set of sessions. session roles (s: SESSIONS) → 2^ROLES, the mapping of session s onto a set of roles. Formally: session roles (st) ⊆ {r ε ROLES | (session_users (st ), r ε UA}. Role hierarchies can be defined as inheritance relaIonships between roles. USERS Process Person Intelligent Agent ROLES An organizational job function with a clear definition of inherent responsibility and authority (permissions). Developer Budget Manager Help Desk Representative Director Relation between USERS & PRMS OPERATIONS An execution of a program specific function that is invocated by a user. ü༏  Database – Update Insert Append ü༏  Delete Locks – Open Close ü༏  Reports – Create View Print ü༏  ApplicaIons - Read Write Execute SQL OBJECTS An enIty that contains or receives informaIon, or has exhausIble system resources. • OS Files or Directories • DB Columns, Rows, Tables, or Views • Printer • Disk Space •...
View Full Document

This note was uploaded on 02/03/2014 for the course ECE 422 taught by Professor Nicol during the Fall '08 term at University of Illinois, Urbana Champaign.

Ask a homework question - tutors are online