The NIST RBAC standard defines a limited role hierarchy as one in which a role m

Question

The NIST RBAC standard defines a limited role hierarchy as one in which a role may have one or more immediate ascendants but is restricted to a single immediate descendant. What inheritance relationships in Figure 4.10 (Simple ABAC Scenario) are prohibited by the NIST standard for a limited role hierarchy?

Access control policy Environmental conditions 2a 2d Rules Enforce ecision 3 Object Access control 2b mechanismn Subject 2c Clearance Name Type Owner Ete. Affiliation Classification Etc. Subject attributes Object attributes Figure 4.10 Simple ABAC Scenario

Explanation / Answer

Answer:

RBAC is abbreviated as Role based Access control. It is a method to provide security controls and hierarchical structure of roles in the organization. These controls are defined by the authority, responsibility, authorization, within the organization. RBAC has five major elements they are users, roles, permission, operations and objects.

ABAC is defined as means Attribute based Access Control lists. The Attributes are user attributes, system attributes, environmental attributes.

From the figure 4.10, the ABAC scenario

To satisfy the relationships, some of the relations to be deleted to the ABAC model are as follows:

Related Questions

Navigate

• Browse (All)
• Browse T
• Subjects

---