Title :
Representation and Reasoning on ORBAC: Description Logic with Defaults and Exceptions Approach
Author :
Boustia, Narhimene ; Mokhtar, Aicha
Author_Institution :
Dept. of Comput. Sci., USDB, Blida
Abstract :
In the organization based access control (ORBAC) model, to express security policy, it is necessary to make possible the system know which are the privileges of each user. The definition of permission should not be static, but it must depend on the requirement of the system, rules should be dynamic, depending on the context. Context is used to specify the concrete circumstances where user is given role permissions to perform activities on views. Formalization of ORBAC in a logical approach makes it feasible to reason about a specified policy and verifies its correctness. We propose a formal modelisation of ORBAC by the description logic language with default and exception ALdeltaepsiv. We show how exception in information system security can be captured by ALdeltaepsiv. We illustrate this approach by an example of a medical information system.
Keywords :
authorisation; formal languages; information systems; ORBAC model; description logic language; exceptions approach; formal logical approach; information system security; organization based access control; reasoning method; security policy; Access control; Availability; Concrete; Context modeling; Information security; Information systems; Knowledge representation; Logic; Medical information systems; Permission; Default; Description logic; Exception; ORBAC; Security;
Conference_Titel :
Availability, Reliability and Security, 2008. ARES 08. Third International Conference on
Conference_Location :
Barcelona
Print_ISBN :
978-0-7695-3102-1
DOI :
10.1109/ARES.2008.144
