Role-Based Access Control
by D.F.Ferraiolo, D.R.Kuhn, R.Chandramouli
Artech House, Computer Security Series, 2003.
Reviewed by Tolga Acar June 5, 2003
Finally, there is a book on RBAC (Role-Based Access Control). The book covers research and development on Role-Based Access Control, concentrates on the increased emphasis and popularity in the last decade. This is the first book consolidating numerous RBAC papers. It is a must-read for every RBAC researcher and developer and for an organization offering or architecting a role-based access control system.
The book starts with an overview of traditional access controls and security models as prerequisites for understanding RBAC, such as Mandatory and Discretionary Access Controls, Clark-Wilson, Biba and Chinese Wall security models, and the reference monitor concept, among others. Most security researchers can skip the first few chapters, or use it as a starting point of their literature survey.
RBAC itself is described in three chapters. The first chapter explains the core features: users, roles, permissions, role activation, user and permission assignments, and permission mapping into privileges. The second is on role hierarchies including inheritance and hierarchy structures. The last core RBAC chapter is about separation of duty (SoD) and constraints in RBAC systems: types of SoD, SoD concepts in role hierarchies, SoD issues in privilege and role assignments, and temporal constraints, all of which are adequately discussed.
The MAC on RBAC concept is defined for confidentiality-based MAC systems. Simple, liberal and strict *-properties are defined for the Bell-LaPadula security model providing confidentiality. Similar concepts for Biba-type systems providing integrity are not discussed, reflecting the present state of research.
NIST's proposed RBAC standard and role-based administration of RBAC concepts are addressed in two chapters, followed by two chapters for enterprise-minded readers: RBAC/XML access control frameworks and their integration into enterprise environments. Interestingly, there is no mention of XACML even though DOM and SAX API sets are briefly discussed. There is no mention of GFAC (Generalized Framework for Access Control) binding RBAC into this framework.
The chapter covering RBAC in Workflow Management systems, Web Systems, Java, UNIX, and Federal Databases is quite helpful for RBAC architects. This chapter alone is a good reason to have the book.