Open Access Repository

Partial Access Control Permissions and Rights


Downloads per month over past year

de la Motte, L and Hartnett, J 2005 , 'Partial Access Control Permissions and Rights', paper presented at the of no conference.

PartACPerms&Rig...pdf | Download (129kB)
Available under University of Tasmania Standard License.

| Preview


In order to satisfy the Principle of Least Privilege in large enterprises which employ Role Based Access Control
systems a large number of roles must be defined. Role
management can become a demanding and complex task
in such situations. This paper introduces the concepts of
Partial Access Control Permissions (Partial Permissions)
and Partial Access Control Rights (Partial Rights) which
enable the number of roles to be reduced and role
management burdens to be eased.
Partial permissions are linked permissions which are
applied simultaneously to two or more roles. The rights
defined in a partial permission only become active when
an access request triggers a sufficient number of linked
partial permissions. Partial permissions enable
permissions to be given to any combination of roles. For
example, if a hospital patient is attended by clinicians
with a "treating team" role and the hospital has a "doctor"
role, a partial permission applied to the two roles is only
triggered during an access request from a doctor who is
on the treating team.
Similarly, a Full Right is triggered when a complete set of
Partial Rights are activated. Partial rights provide a
means for incorporating consent and authorisation into the
access control system, as well as facilitating the
application of general access control rules to groups of
associated roles.

Item Type: Conference or Workshop Item (Paper)
Authors/Creators:de la Motte, L and Hartnett, J
Keywords: Access Control, Role Management, Access Rights, Privacy, Medical Records
Item Statistics: View statistics for this item

Actions (login required)

Item Control Page Item Control Page