DocumentCode :
2078760
Title :
Analyzing First-Order Role Based Access Control
Author :
Cotrini, Carlos ; Weghorn, Thilo ; Basin, David ; Clavel, Manuel
fYear :
2015
fDate :
13-17 July 2015
Firstpage :
3
Lastpage :
17
Abstract :
We propose FORBAC, an extension of Role-Based Access Control (RBAC) based on first-order logic. FORBAC is expressive enough to formalize a wide range of access control policies. However, it is simple enough so that relevant policy analysis queries can be analyzed in NP, which we argue is a natural complexity class for this problem. To analyze queries efficiently, we reduce them to the problem of satisfiability modulo appropriate theories, and use off-the-shelf SMT solvers. We evaluate FORBAC's expressiveness and our approach to policy analysis in a case study, analyzing access control in a European bank.
Keywords :
Authorization; Complexity theory; Polynomials; Radio frequency; Remuneration; Syntactics; Role based access control; authorization languages; first-order logic; policy analysis;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Computer Security Foundations Symposium (CSF), 2015 IEEE 28th
Conference_Location :
Verona, Italy
Type :
conf
DOI :
10.1109/CSF.2015.8
Filename :
7243721
Link To Document :