Key Features:
No. of pages: 143
Abstract:
Role Based Access Control (RBAC) is a flexible and policy-neutral access control security management model. For large systems, with hundreds of roles, thousands of users, and millions of permissions, managing roles, users, permissions, and their interrelationships is a formidable task that can't realistically be centralized in a small team of security administrators.
An appealing possibility is to use RBAC itself to facilitate decentralized access control security administration of RBAC. In this thesis, each of the basic concepts of RBAC is formalized, for their definitions to be clear and precise. Based on these definitions, RBAC is remodeled as an application model supporting task and confidentiality aspects in the proposed role, task, and confidentiality (RTC) based access control model. The proposed RTC-based access control model is used for designing an application and software development platform for information security management in the Nigerian electronic payment system based on a case study carried out during the course of this research. This approach permits the close examination of the mode of operation of the e-payment system in Nigeria for effective and secure information system control. Consequently, it helps to analyze in depth the access operations of the proposed RTC access control model.
The model is refined to support the concepts of roles, tasks, subjects and data confidentiality in this particular case study, its software implementation also provided support for assignment and revocation of roles and tasks, delegation and revocation of authority, and other features include support for separation of duty constraints.
Buy Now
