Mahidol University Logo
Faculty of ICT, Mahidol University
 

Admissions

Printable Version

 

FEDERATED ROLE-BASED ACCESS CONTROL MODELS. (FRBAC)

 

TITLE FEDERATED ROLE-BASED ACCESS CONTROL MODELS. (FRBAC)
AUTHOR ANAN SHOTIPRAWIT
DEGREE MASTER OF SCIENCE PROGRAMME IN COMPUTER SCIENCE
FACULTY FACULTY OF SCIENCE
ADVISOR THANWADEE SUNETNUNTA
CO-ADVISOR SUDSANGUAN NGAMSURIYAROJ
CHANTANA CHANTRAPORNCHAI
 
ABSTRACT
Nowadays, there is growing need to share information from various database systems inside an organization or across an organization. A federated database system was proposed to support this need. The database system was composed of two levels, a local level and a federation level. The database system at the federation level integrates and shares information from various database systems at the local level. Currently, federated database systems still have some difficulties and problems in managing heterogeneous access control policies from different local database systems. This thesis studied and designed an access control model, which supports such heterogeneity management for federated database systems. The thesis proposes federated role-based access control models (FRBAC) by extending the existing capabilities of traditional role-based access control models (RBAC). It argues that RBAC is more efficient and flexible for managing heterogeneity and changes in access control polices in a federated database system than other traditional access control models like MAC and DAC. In our models, the access controls are separated into a local access control level and a federated access control level. In the local access control level, it was composed of a local access control policy and a public access control policy. The public access control policy was proposed to support autonomy for a local administrator in defining the policy to control access from the federation. For access control at the federation level, it had the federated access control policy. This access control policy integrates and interoperates public access control policies from various local database systems. Furthermore, using the FRBAC methodology to build the access control policy, check the authorization, and control the changes among access control policies is proposed. Moreover, FRBAC reference models with formal definitions and functions are provided. For proof of the concept’s effectiveness, a case study in applying FRBAC models to a federated healthcare system is demonstrated.
KEYWORD FEDERATED DATABASE SYSTEMS / ROLE-BASED ACCESS CONTORL / INTEROPERABILITY / AUTONOMY

 

Go to Top

 

ICT Building, Mahidol University, 999 Phuttamonthon 4 Road, Salaya, Nakhonpathom 73170 Tel. +66 02 441-0909 Fax. +66 02 849-6099
Mahidol University Computing Center, The Faculty of ICT, Mahidol University , Rama 6 Road, Rajathevi, Bangkok 10400 Tel. +66 02 354-4333 Fax. +66 02 354-7333