| Article ID | Journal | Published Year | Pages | File Type |
|---|---|---|---|---|
| 427810 | Information Processing Letters | 2011 | 5 Pages |
RBAC (Role-Based Access Control) is a widely used access control model, which reduces the maintenance cost of classical identity-based access control. However, despite the benefits of RBAC, there are environments in which RBAC can hardly be applied. We present FRBAC (Fuzzy Role-Based Access Control), a generalization of RBAC through fuzzy relations that extends the applicability of RBAC to environments where authorization-related information is vague. Moreover, FRBAC deals with environments where the actions that can be executed over the resources have a fractional meaning, as data lying in databases and risk-based access control.
Research highlights► We describe Core, Hierarchical and Constrained Fuzzy Role-Based Access Control. ► FRBAC extends RBAC when authorization-related information is vague. ► FRBAC deals with non-binary actions which have a fractional meaning.
