Laboratory for Intelligent Information Systems
Department of Computer and Information Science
Linköping University, S-581 83 Linköping, Sweden
Telephone: (+46) 132 826 08, 132 820 66, Fax: (+46) 132 826 66
Email: {matgu,nahsh}@ida.liu.se
Abstract. This paper presents a novel framework for role descriptions for increased information security. The generality of the framework makes it suitable for modeling roles in a wide range of applications such as Role-Based Access Control and Workflow Management. The framework can also be used as a common modeling platform in information systems.
We make a clear distinction between the definition of a role and the uses it is put to. Apart from an application data block that can be used to store access control information, a role description also includes the relations a role has to other roles.
Applied to Role-Based Access Control (RBAC), the framework can be used to model most aspects important in this area, for example constraints and role hierarchies. Our framework can complement and extend previously proposed frameworks by placing roles into a wider organizational context.
Keywords: Organizational Models, Role Descriptions, Role Based Access Control, Information Security