Access Control Model Based On Role And Attribute For Secured Application.
Main Article Content
Abstract
Access control mechanism is used to secure an organization from insiders and intruders. RBAC and ABAC are the most popular models at present. Yet, they both deteriorate with pitfalls. RBAC has been widely adopted due to security advantages but difficult to meet dynamic access control requirements where ABAC provides more flexibility by introducing attributes. But system complexity due to the addition of attributes is the main drawback of ABAC. This paper combines benefits of these two models to come up with a role and attribute based RABAC model. RBAC manages static attributes and ABAC manages dynamic attributes which makes it more flexible, fine grained and user friendly. Additionally, we employ RABAC model to design a secured web application framework according to the characteristics of the model. This makes the application robust to hold out against SQL injection attacks..
Article Details
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.