Role engineering of information system using extended RBAC model

摘要

The role-based access control (RBAC) model is one of the policies used to access control in information systems for enterprises. The RBAC model is a powerful technology for managing and enforcing security in large-scale, enterprise-wide systems. Many implementations of this model, including the RBAC96 model, have been already proposed. This paper presents an extension of the standard RBAC model together with its implementation using the Unified Modeling Language (UML). The presented model is developed for the role engineering in the security of information system. In the paper, the union of the RBAC model, which controls access in the information system, and the UML language, i.e. a unified method of object analysis and design, is proposed. The presented approach of the RBAC model consists in role creation via defining appropriate permissions. The entire procedure is performed in two stages; first permissions assigned to a function are defined, and then definitions of functions assigned to a particular role are provided.