Access Control for Hierarchical Joint-Tenancy
Jonathan K. Adams, Basheer N. Bristow
TL;DR
This paper introduces a parameterized role-based access control model to efficiently manage hierarchical joint-tenancy, simplifying role management and access visualization across multiple organizations.
Contribution
It proposes a novel RBAC extension with parameterized roles and privileges to accurately represent multiple organizational hierarchies in joint-tenancy scenarios.
Findings
Reduces complexity in role and privilege management.
Simplifies modeling and visualization of access hierarchies.
Effectively supports multi-organization access control.
Abstract
Basic role based access control [RBAC] provides a mechanism for segregating access privileges based upon a user's hierarchical roles within an organization. This model doesn't scale well when there is tight integration of multiple hierarchies. In a case where there is joint-tenancy and a requirement for different levels of disclosure based upon a user's hierarchy, or in our case, organization or company, basic RBAC requires these hierarchies to be effectively merged. Specific roles that effectively represent both the user's organizations and roles must be translated to fit within the merged hierarchy to be used to control access. Essentially, users from multiple organizations are served from a single role base with roles designed to constrain their access as needed. Our work proposes, through parameterized roles and privileges, a means for accurately representing both users' roles…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsAccess Control and Trust · Cryptography and Data Security · Multi-Agent Systems and Negotiation