Assume a system with N job positions. For job position i, the number of individu

Question

Assume a system with N job positions. For job position i, the number of individual users in that position is Ui and the number of permissions required for the job position is Pi. N, Ui, and Pi are reflected in the table below.

Position Users (Ui) Permissions required (Pi)

1 1 8

2 12 4

3 4 6

4 6 5

5 9 3

(a) For a traditional DAC scheme, how many relationships between users and permissions must be defined?

(b) Using the same situation from the previous question, how many relationships between users and permissions must be defined for an RBAC scheme?

Explanation / Answer

Discretionary Access Control (DAC) is a user-centric access control model in the sense that a file owner determines the permissions that are assigned to other users requiring access to the file. There is no central control so this model is easy to implement in a distributed applications on the Web. Using a DAC mechanism allows users control over the access rights to their files without the necessity of complying with a set of pre-specified rules. When these rights are managed correctly, only those users specified by the file owner may have some combination of read, write, execute, etc. permissions (privileges) on the file

RBAC

u For each job position, let:

U = Number of individuals in job position

P = Number of permissions required for position (U + P) < (U P) fi RBAC Advantage

For all job positions, Sum up advantage for each position Si (Ui + Pi ) < S (Ui Pi )

Related Questions

Navigate

• Browse (All)
• Browse A
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.