Title: Scalable RBAC model for large-scale applications with automatic user-role assignment

Authors: Gurucharansingh J. Sahani; Chirag S. Thaker; Sanjay M. Shah

Addresses: Computer Engineering/IT Department, Gujarat Technological University, Gandhinagar, Gujarat, India ' Computer Engineering Department, Government College of Engineering, Rajkot, Gujarat, India ' Computer Engineering Department, LD College of Engineering, Ahmedabad, Gujarat, India

Abstract: Access control is one of the essential security requirements of any information system. Role-based access control (RBAC) has been the most popular access control model so far. However, in-advance, manual, and time-consuming role assignment process makes it inefficient in large data-sharing applications. Extension to RBAC models using attributes, attribute-based access control (ABAC) model, and combination of access control models with other techniques has become an emerging research area in access control. Recent research either focuses on standardising the ABAC model or making RBAC fine-grained, dynamic, and context-aware. A manual user-role assignment is still an open problem for RBAC that limits it for extending. In large-scale applications, a large number of users makes the manual user-role assignment process complicated and difficult. In this paper, we present an attribute-based framework to make RBAC's user-role assignment process automatic by extending it for large-scale applications.

Keywords: access control; automatic user-role assignment; large-scale applications; patient health record; role-based access control; RBAC.

DOI: 10.1504/IJCNDS.2022.120294

International Journal of Communication Networks and Distributed Systems, 2022 Vol.28 No.1, pp.76 - 102

Received: 18 Mar 2021
Accepted: 02 Jun 2021

Published online: 03 Jan 2022 *

Full-text access for editors Access for subscribers Purchase this article Comment on this article