Title: Discovery-Based Role Activations in Role-Based Access Control
Authors: Raman Adaikkalavan and Sharma Chakravarthy
Abstract: In role-based access control (RBAC), users and objects are assigned
to one or more roles. Users should be active in the role that has the required permissions
before access is granted. Thus, users should be aware of the role-permission assignments for
activating the required roles. In general, with respect to role activations, current systems follow the human-active,
system-passive model. Users are often swamped with role activations because of factors
such as a growing number of objects, multiple role assignments, and frequently shifting roles,
and so lean toward activating all of their assigned roles, violating the principle of least
privilege (PLP). In this paper we introduce SmartAccess, a system based on the system-active,
human-passive model, that allows users to concentrate on what objects they need, rather than
what role should be activated in order to carry on their work efficiently. Furthermore, it
provides access control while preserving the PLP and without any information leak. We provide
algorithms for discovering roles and analyze various associated factors.
Biography: Raman Adaikkalavan is a Ph.D. Candidate in the Department of
Computer Science and Engineering at The University of Texas at Arlington. He received his
M.S. degree from The University of Texas at Arlington in 2002. His current research interests
include security and privacy in databases, information retrieval, grid, distributed and
pervasive environments. He is a member of TBP, UPE, ACM and IEEE. He is also a two-time
recipient of the University Scholar award and is listed in the Who's Who Among Students in
American Universities and Colleges.