Enhancement of Cloud Security by Including Responsibility Components in RBAC

Good corporate governance requires an improvement of the definition and the enforcement of the employees responsibility throughout the companies processes. In the field of information technology, one translation of this requirement targets a strict alignment of the access control policy with the permissions needed by the employees to achieve the obligations linked to their responsibilities. There has been much work related to access control over three decades and Role Based Access Control (RBAC) has emerged as a reference model in that discipline. Although its advantages have been largely recognized, when taking into account the new governance constraints, it appears that its mechanism of assignment of users permissions is improvable. In this paper, we propose enhancements of RBAC by taking into account the concept of responsibility and explain it can be modeled using the OWL Web Ontology Language.