RBAC (Role-Based Access Control) is a widely used access control model, which reduces the maintenance cost of classical identity-based access control. However, despite the benefits of RBAC, there are environments in which RBAC can hardly be applied. We present FRBAC (Fuzzy Role-Based Access Control), a generalization of RBAC through fuzzy relations that extends the applicability of RBAC to environments where authorization-related information is vague. Moreover, FRBAC deals with environments where the actions that can be executed over the resources have a fractional meaning, as data lying in databases and risk-based access control. © 2011 Elsevier B.V. All rights reserved.
- Role-Based Access Control
- Safety/security in digital systems