Page 1: NIST Standard for Role-Based Access Control

NIST Standard for Role-Based Access Control

Present by Wenyi Ni

Page 2: NIST Standard for Role-Based Access Control

The roots of RBAC:
- The use of groups in UNIX and other operating systems
- Privilege grouping in DBMS
- Separation of duty concepts

RBAC embodies these notions in a single access control model.

Page 3: NIST Standard for Role-Based Access Control

RBAC includes:
- Roles and role hierarchies
- Role activation
- Constraints on user/role membership and role set activation

Page 4: NIST Standard for Role-Based Access Control

RBAC is organized into two parts:
- RBAC reference model
- RBAC functional specification

Page 5: NIST Standard for Role-Based Access Control

RBAC reference model: defines a common vocabulary of terms for consistently specifying requirements, and sets the scope of the RBAC features included in the standard.

Page 6: NIST Standard for Role-Based Access Control

RBAC Functional Specification

Defines the requirements for the administrative operations that create and maintain RBAC element sets and relations.

Page 7: NIST Standard for Role-Based Access Control

The NIST RBAC model is defined in terms of four model components:
- Core RBAC
- Hierarchical RBAC
- Static separation of duty relations
- Dynamic separation of duty relations

Page 8: NIST Standard for Role-Based Access Control

Core RBAC: defines the minimum collection of RBAC elements, element sets and relations needed to completely achieve a role-based access control system.

It includes:
1. user-role assignment
2. permission-role assignment

Page 9: NIST Standard for Role-Based Access Control

Definitions in Core RBAC

User: defined as a human being. The notion can be extended to include a machine, a network, or an intelligent autonomous agent.

Role: a job function within the context of an organization, with some associated semantics regarding authority and responsibility.

Page 10: NIST Standard for Role-Based Access Control

Definitions (continued)

Permission: an approval to perform an operation on one or more RBAC-protected objects.

Operation: an executable image of a program.

Session: a mapping between a user and an activated subset of the roles that are assigned to the user.

Page 11: NIST Standard for Role-Based Access Control

Core RBAC model element sets and relations

Page 12: NIST Standard for Role-Based Access Control

Hierarchical RBAC
- Adds relations to support role hierarchies.
- Senior roles acquire the permissions of their juniors.
- Each role has a set of authorized users and a set of authorized permissions, both extended through the hierarchy.
- A role hierarchy can be 1) a tree, 2) an inverted tree, or 3) a lattice.

Page 13: NIST Standard for Role-Based Access Control

Role hierarchy: tree

Page 14: NIST Standard for Role-Based Access Control

Role hierarchy: inverted tree

Page 15: NIST Standard for Role-Based Access Control

Role hierarchy: lattice

Page 16: NIST Standard for Role-Based Access Control

Example: accounting roles

Page 17: NIST Standard for Role-Based Access Control

Separation of duty relations

They are used to enforce conflict-of-interest policies that organizations may employ to prevent users from exceeding a reasonable level of authority for their position.

Page 18: NIST Standard for Role-Based Access Control

Static separation of duty relations
- Enforce constraints on the assignment of users to roles.
- Place restrictions on sets of roles: if a user is assigned to one role in such a set, the user is prohibited from being a member of a second role in the set.

Page 19: NIST Standard for Role-Based Access Control

Because the roles 'Billing' and 'Cashier' conflict, Frank is prohibited from being assigned both of them.

Page 20: NIST Standard for Role-Based Access Control

Dynamic separation of duty relations
- Place constraints on the roles that can be activated within or across a user's sessions.
- Allow each user to have different levels of permission at different times.
- This is often referred to as timely revocation of trust.

Page 21: NIST Standard for Role-Based Access Control

Categories of functions in RBAC

Used to meet the requirements of each of the components:
1. Administrative functions
2. Supporting system functions
3. Review functions

Page 22: NIST Standard for Role-Based Access Control

Administrative functions in Core RBAC

Create and maintain the element sets (USERS, ROLES, OPS, OBS) and their relations:
1. AddUser, DeleteUser
2. AddRole, DeleteRole
3. AssignUser, DeassignUser
4. GrantPermission, RevokePermission

Page 23: NIST Standard for Role-Based Access Control

Supporting system functions in Core RBAC

Manage sessions and make access control decisions:
1. CreateSession
2. AddActiveRole, DropActiveRole
3. CheckAccess

Page 24: NIST Standard for Role-Based Access Control

Review functions in Core RBAC

View the contents of the user-to-role and permission-to-role assignments:
1. AssignedRoles
2. RolePermissions
3. UserPermissions
4. SessionPermissions
5. RoleOperationsOnObjects
6. UserOperationsOnObjects

Page 25: NIST Standard for Role-Based Access Control

Administrative functions in Hierarchical RBAC

Create and maintain the partial order relation among roles:
1. AddInheritance, DeleteInheritance
2. AddAscendant, AddDescendant

Page 26: NIST Standard for Role-Based Access Control

Supporting System Functions in Hierarchical RBAC

The same functions as for Core RBAC, but some of them must be redefined because of the role hierarchy, for example CreateSession and AddActiveRole.

Page 27: NIST Standard for Role-Based Access Control

Review functions in Hierarchical RBAC

All review functions specified for Core RBAC remain valid here. Two review functions that take inherited roles into account are added:
1. AuthorizedUsers
2. AuthorizedRoles

Page 28: NIST Standard for Role-Based Access Control

Functions in SSD

Administrative:
1. CreateSSDSet, DeleteSSDSet
2. AddSSDRoleMember, DeleteSSDRoleMember
3. SetSSDRoleMember
4. SetSSDCardinality

Supporting system: the same as those for Core RBAC

Review:
1. SSDRoleSets
2. SSDRoleSetRoles
3. SSDRoleSetCardinality

Page 29: NIST Standard for Role-Based Access Control

Functions in DSD

Administrative:
1. CreateDSDSet, DeleteDSDSet
2. AddDSDRoleMember, DeleteDSDRoleMember
3. SetDSDCardinality

Supporting system:
1. CreateSession
2. AddActiveRole
3. DropActiveRole

Review:
1. DSDRoleSets
2. DSDRoleSetRoles
3. DSDRoleSetCardinality
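The element sets and relations of pages 8 to 11, the hierarchy of page 12, the SSD and DSD constraints of pages 18 to 20 and the administrative, supporting-system and review functions of pages 22 to 29 can be exercised end to end in one small model. The Python below is an added example; it is not code from the NIST standard or from these slides. Method names follow the functions as the slides list them (AssignUser, AddInheritance, CreateSession, AddActiveRole, CheckAccess, AuthorizedUsers, RolePermissions); the data layout, the single create_sod_set helper used for both SSD and DSD sets, and the demo's roles (Employee, Billing, Cashier, Manager), users and permissions are my own constructed assumptions, and the Delete*, DeassignUser and RevokePermission counterparts are left out. It takes the hierarchical reading of AddActiveRole, under which a user may activate any role they are authorized for through the hierarchy rather than only directly assigned ones, and it enforces SSD at assignment time and DSD at activation time, which is exactly the distinction between pages 18 and 20.

```python
class RBACError(Exception):
    pass


class RBAC:
    def __init__(self):
        self.ua = {}                 # UA: user -> roles assigned to that user (keys are USERS)
        self.pa = {}                 # PA: role -> {(operation, object)} (keys are ROLES)
        self.juniors = {}            # RH: role -> roles it directly inherits from
        self.ssd, self.dsd = {}, {}  # name -> (role set, cardinality n)
        self.sessions = {}           # session id -> [user, set of active roles]

    # Core RBAC administrative functions (Delete*, DeassignUser and RevokePermission omitted)
    def add_user(self, u):
        self.ua.setdefault(u, set())
    def add_role(self, r):
        self.pa.setdefault(r, set())
        self.juniors.setdefault(r, set())
    def assign_user(self, u, r):
        self._check_ssd(u, self.ua[u] | {r})  # SSD is enforced when a role is assigned
        self.ua[u].add(r)
    def grant_permission(self, r, op, obj):
        self.pa[r].add((op, obj))

    # Hierarchical RBAC: AddInheritance plus the AuthorizedRoles / AuthorizedUsers reviews
    def add_inheritance(self, senior, junior):
        if senior in self.authorized_roles(junior):  # senior would end up inheriting itself
            raise RBACError("inheritance would create a cycle")
        self.juniors[senior].add(junior)
        for u in self.ua:                            # every user must still satisfy SSD
            self._check_ssd(u, self.ua[u])
    def authorized_roles(self, r):  # r plus every role it inherits, transitively
        return {r}.union(*(self.authorized_roles(j) for j in self.juniors[r]))
    def authorized_users(self, r):  # users assigned to r or to any senior of r
        return {u for u in self.ua if any(r in self.authorized_roles(a) for a in self.ua[u])}

    # Separation of duty: fewer than n roles of a set may be held (SSD) or active (DSD)
    def create_sod_set(self, store, name, roles, n):  # store is self.ssd or self.dsd
        if not 2 <= n <= len(roles):
            raise RBACError("cardinality must be between 2 and the size of the role set")
        store[name] = (set(roles), n)
        for u in (self.ua if store is self.ssd else ()):  # existing assignments must satisfy it
            self._check_ssd(u, self.ua[u])
    def _check_sod(self, store, roles, what):
        for name, (rs, n) in store.items():
            if len(roles & rs) >= n:
                raise RBACError(f"{what}: set {name!r} allows fewer than {n} of {sorted(rs)}")
    def _check_ssd(self, u, assigned):  # SSD counts inherited roles, not only assigned ones
        authorized = set().union(*(self.authorized_roles(r) for r in assigned))
        self._check_sod(self.ssd, authorized, f"SSD violation for {u}")

    # Supporting system functions: CreateSession, AddActiveRole, CheckAccess
    def create_session(self, u):
        sid = len(self.sessions)
        self.sessions[sid] = [u, set()]
        return sid
    def add_active_role(self, sid, r):
        u, active = self.sessions[sid]
        if not any(r in self.authorized_roles(a) for a in self.ua[u]):  # hierarchical rule
            raise RBACError(f"{u} is not authorized for role {r!r}")
        self._check_sod(self.dsd, active | {r}, f"DSD violation in session {sid}")
        active.add(r)
    def check_access(self, sid, op, obj):  # an active role (or one of its juniors) holds it
        return any((op, obj) in self.role_permissions(r) for r in self.sessions[sid][1])

    # Review function RolePermissions (inherited permissions included)
    def role_permissions(self, r):
        return set().union(*(self.pa[x] for x in self.authorized_roles(r)))


def demo():
    # Constructed scenario around page 19's Billing/Cashier conflict; all names are my own.
    m = RBAC()
    for r in ("Employee", "Billing", "Cashier", "Manager"):
        m.add_role(r)
        if r != "Employee":
            m.add_inheritance(r, "Employee")  # a tree hierarchy rooted at Employee
    for role, op, obj in (("Employee", "read", "handbook"), ("Billing", "create", "invoice"),
                          ("Manager", "approve", "invoice")):
        m.grant_permission(role, op, obj)
    m.create_sod_set(m.ssd, "billing-cashier", {"Billing", "Cashier"}, 2)  # never both assigned
    m.create_sod_set(m.dsd, "create-approve", {"Billing", "Manager"}, 2)   # never both active
    for u, r in (("Frank", "Billing"), ("Alice", "Billing"), ("Alice", "Manager")):
        m.add_user(u)   # idempotent, so repeating it for Alice is harmless
        m.assign_user(u, r)
    out = {"manager_perms": m.role_permissions("Manager"), "employees": m.authorized_users("Employee")}
    try:
        m.assign_user("Frank", "Cashier")   # page 19: Frank may not hold both roles
    except RBACError as e:
        out["ssd"] = str(e)
    s = m.create_session("Alice")
    m.add_active_role(s, "Billing")
    out["create"] = m.check_access(s, "create", "invoice")    # True
    out["approve"] = m.check_access(s, "approve", "invoice")  # False
    try:
        m.add_active_role(s, "Manager")     # approving in the same session is a DSD violation
    except RBACError as e:
        out["dsd"] = str(e)
    return out
```

Running demo() shows the points the slides make separately: RolePermissions for Manager includes the handbook permission inherited from Employee; AuthorizedUsers for Employee returns both users although neither is assigned to it directly; the second AssignUser for Frank is rejected by the SSD set; and a session activated with Billing alone cannot approve invoices even though Alice is authorized for Manager, which is least privilege through role activation, while the DSD set stops her from activating Billing and Manager together in one session.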

Page 30: NIST Standard for Role-Based Access Control

Conclusion
- RBAC is used to simplify security policy administration.
- RBAC is an open-ended technology, which ranges from very simple to fairly sophisticated.

RBAC continues to be an evolving technology.

Page 31: NIST Standard for Role-Based Access Control

End

Reference: http://csrc.nist.gov/rbac/rbacSTD-ACM.pdf

