Changes between Version 19 and Version 20 of Internal/Rbac/OrbitRbacDesign


Ignore:
Timestamp:
Sep 8, 2006, 8:03:10 PM (18 years ago)
Author:
hedinger
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Internal/Rbac/OrbitRbacDesign

    v19 v20  
    44Siswati Swami's recent "Requirements Specifications for ORBIT Access Control" [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/Specs2.pdf Swa06]] contains an anlaysis of each of the roles in which an ORBIT user might act when working on an ORBIT project.  The analysis is based on use cases [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/IC_TECH_REPORT_200131.pdf NW01]] [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/fernandez97determining.pdf FH97]] and contains a permissions matrix with access granted or not granted for each role and resource combination.
    55=== RBAC Research for Implementation ===
    6 There is one book [[http://www.amazon.com/gp/product/1580533701/ FKC03]] and a surprisingly large number of articles, papers, PhD theses, and web sites that touch on aspects of the design and implemenation of role-based access control for ORBIT.  Many of these sources are theoretical in nature, although some of the theoretical work includes implementation of user-role assignment checking tools.  The following discuss RBAC implementation issues.
     6There is one book [[http://www.amazon.com/gp/product/1580533701/ FKC03]] and a surprisingly large number of articles, papers, PhD theses, and web sites that touch on aspects of the design and implemenation of role-based access control for ORBIT.  Many of these sources are theoretical in nature, although some of the theoretical work includes implementation of tools to specify and check user-role assignments and constraints.  The following discuss RBAC implementation issues.
    77
    88Ahn and Hong discuss a Linux implementation that uses UNIX groups to implement Static Separation of Duty [[http://orbit-lab.org/attachment/wiki/Internal/Rbac/RbacResources/WOSIS2004.pdf AH04]].