Chapter, Peer reviewed
MetadataShow full item record
In this paper we propose a trust-aware enhancement of RBAC (TA-RBAC) that takes trustworthiness of users into consideration explicitly before granting access. We assume that each role in the framework is associated with an expression that describe trustworthiness of subjects required to be able to activate the role, and each subject (user) has assigned trustworthiness level in the system. By adding trustworthiness constraints to roles we enhance system, for example, with more flexible ability to delegate roles, to control reading/updating of objects by denying such operations to those subjects that violate trustworthiness requirements.
Published version of a chapter in the book: Computer Network Security. Also available from the publisher at: http://dx.doi.org/10.1007/978-3-642-33704-8_9