A Platform for Assessing the Efficiency of Distributed Access Enforcement in Role Based Access Control (RBAC) and its Validation
Abstract
We consider the distributed access enforcement problem for Role-Based Access Control (RBAC) systems. Such enforcement has become important with RBAC's increasing adoption, and the proliferation of data that needs to be protected. We provide a platform for assessing candidates for access enforcement in a distributed architecture for enforcement. The platform provides the ability to encode data structures and algorithms for enforcement, and to measure time-, space- and administrative efficiency. To validate our platform, we use it to compare the state of the art in enforcement, CPOL [6], with two other approaches, the directed graph and the access matrix [9, 10]. We consider encodings of RBAC sessions in each, and propose and justify a benchmark for the assessment. We conclude with the somewhat surprising observation that CPOL is not necessarily the most efficient approach for access enforcement in distributed RBAC deployments.
Collections
Cite this version of the work
Marko Komlenovic
(2011).
A Platform for Assessing the Efficiency of Distributed Access Enforcement in Role Based Access Control (RBAC) and its Validation. UWSpace.
http://hdl.handle.net/10012/5731
Other formats
Related items
Showing items related by title, author, creator and subject.
-
Gaining Access at Historic Tourism Sites: A Narrative Case Study of Physical Accessibility at Glamis Castle
Barlow, Heather (University of Waterloo, 2013-01-07)Today, tourists seek authentic experiences from places they visit. For countries where the historic environment is a key component of tourism, the concept of maintaining authenticity is vital to encourage potential visitors. ... -
A Statistically Rigorous Evaluation of the Cascade Bloom Filter for Distributed Access Enforcement in Role-Based Access Control (RBAC) Systems
Zitouni, Toufik (University of Waterloo, 2011-01-20)We consider the distributed access enforcement problem for Role-Based Access Control (RBAC) systems. Such enforcement has become important with RBAC’s increasing adoption, and the proliferation of data that needs to be ... -
Data Structures for Fast Access Control in ECM Systems
Wu, Zhiping (University of Waterloo, 2014-08-08)While many access control models have been proposed, little work has been done on the efficiency of access control systems. Because the access control sub-system of an Enterprise Content Management (ECM) system may be a ...