To view entire model Core RBAC Definition 1 Core RBAC users


on RBAC Reference Model
•  The NIST RBAC model is defined in terms of four model components:
   –  Core RBAC
   –  Hierarchical RBAC
   –  Static Separation of Duty Relations
   –  Dynamic Separation of Duty Relations
•  Each component is defined by subcomponents:
   –  A set of basic element sets.
   –  A set of RBAC relations involving those element sets.
   –  A set of mapping functions that yield instances of members from one element set for a given instance from another element set.

Core RBAC
•  Contains the essential aspects of RBAC.
•  Users are assigned to roles, and users acquire permissions by being members of roles.
•  Includes requirements that user-role and permission-role assignment can be many-to-many.
•  It includes requirements for user-role review, whereby the roles assigned to a specific user can be determined, as well as the users assigned to a specific role. A similar requirement for permission-role review is imposed as an advanced review feature.
•  It also includes the concept of user sessions, which allows selective activation and deactivation of roles.
•  Finally, it requires that users be able to simultaneously exercise the permissions of multiple roles. This precludes products that restrict users to activation of one role at a time.

Core RBAC
•  Same as RBAC0 (users, roles, permissions, sessions)
   –  Object: any resource
   –  Operation: executable image of a program
   –  Permission: approval to perform an operation on object(s)
•  Administrative functions: add/delete users and roles, create/delete user-to-role and permission-to-role assignments
•  Supporting system functions: session: create, add/delete role, check permission
•  Review functions: enable admin. to view entire model

Core RBAC Defini...
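The Core RBAC elements and functions listed above, as an added sketch that is not part of the original notes. The class and method names are hypothetical, and revoking a role from live sessions on de-assignment is a design choice of this example.

```python
from collections import defaultdict

class CoreRBAC:
    """Core RBAC: users, roles, permissions (operation, object), sessions."""

    def __init__(self):
        self.ua = defaultdict(set)   # user -> assigned roles (many-to-many)
        self.pa = defaultdict(set)   # role -> {(operation, object)} (many-to-many)
        self.sessions = {}           # session id -> (user, set of active roles)

    # Administrative functions
    def assign_user(self, user, role):
        self.ua[user].add(role)

    def grant_permission(self, role, operation, obj):
        self.pa[role].add((operation, obj))

    def deassign_user(self, user, role):
        self.ua[user].discard(role)
        # Assumption of this example: revocation also deactivates the role
        # in the user's live sessions, so it stops being usable immediately.
        for owner, active in self.sessions.values():
            if owner == user:
                active.discard(role)

    # Supporting system functions
    def create_session(self, sid, user, roles=()):
        self.sessions[sid] = (user, set())
        for role in roles:
            self.add_active_role(sid, role)

    def add_active_role(self, sid, role):
        user, active = self.sessions[sid]
        if role not in self.ua[user]:
            raise PermissionError(f"{user} is not assigned role {role}")
        active.add(role)

    def drop_active_role(self, sid, role):
        self.sessions[sid][1].discard(role)

    def check_access(self, sid, operation, obj):
        # Only roles activated in this session count, not every assigned role.
        _, active = self.sessions[sid]
        return any((operation, obj) in self.pa[r] for r in active)

    # Review functions
    def assigned_roles(self, user):
        return set(self.ua[user])

    def assigned_users(self, role):
        return {u for u, roles in self.ua.items() if role in roles}
```

A permission held through an assigned but inactive role is denied by `check_access`, which is what lets a session run with fewer privileges than its user holds.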

This note was uploaded on 02/03/2014 for the course ECE 422 taught by Professor Nicol during the Fall '08 term at University of Illinois, Urbana Champaign.
