A MODEL FOR INTEGRATING RBAC SECURITY FEATURES

Abstract

Integration generally means combining parts so that they work together or form a whole. Recently, considerable attention has been paid to present information from various sources in an integrated format. The main purpose of integration is to share information. The most vital part in integration process is resolution of conflicts between participating parts. Conflicts may arise as a result of heterogeneity in parts. role-based access control (RBAC) is an approach to restricting access to the resources of a system only to authorize users. Database integration has been the subject of much research and has been proven feasible through various techniques. However, integrating RBAC security features needs more studies and research. This thesis is trying to provide a model for integrating RBAC systems which are heterogeneous, autonomous and work in related fields which decided to integrate for information sharing purpose. This model identifies and resolves conflicts between heterogeneous RBAC systems and proposes a simple framework to be used when such systems are integrated. Two healthcare systems were selected as a case study in order to confirm model feasibility, and verify whether the objectives that the proposed model is designed for are achieved.