Debit: A Diversity-Based Method for Implicit Role Transition in RBAC Deployments
Role-Based Access Control (RBAC) is a widely used access control paradigm in operating system due to its simplicity, scalability and fine-grained control ability. Current approaches need re-login to transit role when the permissions of assigned role are inadequate for operation. This usage is easy for secure administration, while inflexible in practical use, especially for those authenticated users. This paper describes a diversity-based access control model supporting implicit role transition, called DRT-RBAC. By measuring users' authentication trustworthiness, a range for role transition can be computed, and user whose diversity between the old role and the new one fall into this range is allowed for automated role transition.