Search results

1 – 1 of 1

View access options

Article

Publication date: 1 December 2004

Formal definition and implementation of business‐oriented SoD access control policy

Based on organizational task decomposition, an extensive role‐based access control (ERBAC) model is proposed in this paper. In ERBAC, the abstract concept of “permission” in…

HTML

PDF (217 KB)

Downloads

748

Abstract

Based on organizational task decomposition, an extensive role‐based access control (ERBAC) model is proposed in this paper. In ERBAC, the abstract concept of “permission” in RBAC96 is substituted by a set of “tasks”, mutual exclusion of basic business actions and mutual exclusion of roles are presented, and separation of duty (SoD) policy is defined formally. Furthermore, a method of identifying mutual exclusion of roles is described, and static SoD and dynamic SoD algorithms are discussed. This paper is significant for modeling and implementing business‐oriented SoD policy for information systems.

Details

Information Management & Computer Security, vol. 12 no. 5

Type: Research Article

DOI:

ISSN: 0968-5227

Keywords

Access

Year

All dates (1)

Content type

Article (1)