Dynamic Modeling for Representing Access Control Policies Effect
This addresses security and efficiency issues for database administrators and users in large systems, though it appears incremental as it builds on existing RBAC methods.
The paper tackles the problem of costly and error-prone user interface updates due to access control policy changes in databases by proposing a dynamic interface that automatically generates UI based on RBAC policies, reducing unauthorized access and privacy violations.
In large databases, creating user interface for browsing or performing insertion, deletion or modification of data is very costly in terms of programming. In addition, each modification of an access control policy causes many potential and unpredictable side effects which cause rule conflicts or security breaches that affect the corresponding user interfaces as well. While changes to access control policies in databases are inevitable, having a dynamic system that generates interface according to the latest access control policies become increasingly valuable. Lack of such a system leads to unauthorized access to data and eventually violates the privacy of data owners. In this work, we discuss a dynamic interface that applies Role Based Access Control (RBAC) policies as the output of policy analysis and limits the amount of information that users have access according to the policies defined for roles. This interface also shows security administrators the effect of their changes from the user's point of view while minimizing the cost by generating the interface automatically.