Representation and Reasoning on ORBAC: Description Logic with Defaults and Exceptions Approach

Author

Boustia, Narhimene ; Mokhtar, Aicha

Author_Institution

Dept. of Comput. Sci., USDB, Blida

fYear

2008

Firstpage

1008

Lastpage

1012

Abstract

In the organization based access control (ORBAC) model, to express security policy, it is necessary to make possible the system know which are the privileges of each user. The definition of permission should not be static, but it must depend on the requirement of the system, rules should be dynamic, depending on the context. Context is used to specify the concrete circumstances where user is given role permissions to perform activities on views. Formalization of ORBAC in a logical approach makes it feasible to reason about a specified policy and verifies its correctness. We propose a formal modelisation of ORBAC by the description logic language with default and exception AL_deltaepsiv. We show how exception in information system security can be captured by AL_deltaepsiv. We illustrate this approach by an example of a medical information system.

Keywords

authorisation; formal languages; information systems; ORBAC model; description logic language; exceptions approach; formal logical approach; information system security; organization based access control; reasoning method; security policy; Access control; Availability; Concrete; Context modeling; Information security; Information systems; Knowledge representation; Logic; Medical information systems; Permission; Default; Description logic; Exception; ORBAC; Security;

fLanguage

English

Publisher

ieee

Conference_Titel

Availability, Reliability and Security, 2008. ARES 08. Third International Conference on

Conference_Location

Barcelona

Print_ISBN

978-0-7695-3102-1

Type

conf

DOI

10.1109/ARES.2008.144

Filename

4529454