Next: Bibliography
Up: The Role Compatibility Security
Previous: Further Refinement
Practical experience with server systems using the Role Compatibility model
for access control shows that base protection
and service encapsulation are possible without drawbacks in usability. All
protection requirements of these systems could be solved by proper RC
configuration, while the well-known RBAC and DTE models each show several
deficiencies.
The RC model as presented in this paper proved to be easy to use in simple
setups, but also very flexible and powerful in complex environments.
Combined with the RSBAC concept of Network Templates, even access to and
from remote systems can be effectively controlled.
Amon Ott