Proceedings of the 13th ACM symposium on Access control models and technologies - SACMAT '08
Full text: Download
Despite a large body of literature on the administration of RBAC policies in centralized systems, the problem of the administration of a distributed system has hardly been addressed. We present a formal system for modelling a distributed RBAC system and its administration. We define two basic requirements for distributed RBAC systems, based on safety and availability. We present a transition-system modelling the actual implementation of administrative commands and we show that it preserves those requirements. We also indicate how the system can be used as a basis for a practical implementation.