• KSII Transactions on Internet and Information Systems
    Monthly Online Journal (eISSN: 1976-7277)

Extended Role-Based Access Control with Context-Based Role Filtering

Vol. 14, No. 3, March 31, 2020
10.3837/tiis.2020.03.019, Download Paper (Free):

Abstract

Activating appropriate roles for a session in the role-based access control (RBAC) model has become challenging because of the so-called role explosion. In this paper, factors and issues related to user-driven role management are analysed, and a session role activation (SRA) problem based on reasonable assumptions is proposed to describe the problem of such role management. To solve the SRA problem, we propose an extended RBAC model with context-based role filtering. When a session is created, context conditions are used to filter roles that do not need to be activated for the session. This significantly reduces the candidate roles that need to be reviewed by the user, and aids the user in rapidly activating the appropriate roles. Simulations are carried out, and the results show that the extended RBAC model is effective in filtering the roles that are unnecessary for a session by using predefined context conditions. The extended RBAC model is also implemented in the Apache Shiro framework, and the modifications to Shiro are described in detail.


Statistics

Show / Hide Statistics

Statistics (Cumulative Counts from December 1st, 2015)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.


Cite this article

[IEEE Style]
G. Liu, R. Zhang, B. Wan, S. Ji and Y. Tian, "Extended Role-Based Access Control with Context-Based Role Filtering," KSII Transactions on Internet and Information Systems, vol. 14, no. 3, pp. 1263-1279, 2020. DOI: 10.3837/tiis.2020.03.019.

[ACM Style]
Gang Liu, Runnan Zhang, Bo Wan, Shaomin Ji, and Yumin Tian. 2020. Extended Role-Based Access Control with Context-Based Role Filtering. KSII Transactions on Internet and Information Systems, 14, 3, (2020), 1263-1279. DOI: 10.3837/tiis.2020.03.019.