posted on 2023-05-26, 08:41authored byde la Motte, L, Hartnett, J
In order to satisfy the Principle of Least Privilege in large enterprises which employ Role Based Access Control\ systems a large number of roles must be defined. Role\ management can become a demanding and complex task\ in such situations. This paper introduces the concepts of\ Partial Access Control Permissions (Partial Permissions)\ and Partial Access Control Rights (Partial Rights) which\ enable the number of roles to be reduced and role\ management burdens to be eased.\ Partial permissions are linked permissions which are\ applied simultaneously to two or more roles. The rights\ defined in a partial permission only become active when\ an access request triggers a sufficient number of linked\ partial permissions. Partial permissions enable\ permissions to be given to any combination of roles. For\ example, if a hospital patient is attended by clinicians\ with a \treating team\" role and the hospital has a \"doctor\"\