DocumentCode :
3080471
Title :
Reasoning about Relation Based Access Control
Author :
Artale, Alessandro ; Crispo, B. ; Giunchiglia, Fausto ; Turkmen, Fatih ; Rui Zhang
Author_Institution :
KRDB Res. Centre, Free Univ. of Bozen-Bolzano, Bolzano, Italy
fYear :
2010
fDate :
1-3 Sept. 2010
Firstpage :
231
Lastpage :
238
Abstract :
Relation Based Access Control (RelBAC) is an access control model that places permissions as first class concepts. Under this model, we discuss in this paper how to formalize typical access control policies with Description Logics. Important security properties, i.e., Separation of Duties (SoD) and Chinese Wall are studied and formally represented in RelBAC. To meet the needs of automated tools for administrators, we show that RelBAC can formalize and answer queries about access control requests and administrative checks resorting to the reasoning services of the underlying Description Logic.
Keywords :
authorisation; knowledge representation languages; Chinese Wall; description logic; duty separation; permission concept; reasoning service; relation based access control; security property; Access control; Cognition; Complexity theory; Information systems; Marketing and sales; Nickel; Access Control models; Description Logics; SoD;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Network and System Security (NSS), 2010 4th International Conference on
Conference_Location :
Melbourne, VIC
Print_ISBN :
978-1-4244-8484-3
Electronic_ISBN :
978-0-7695-4159-4
Type :
conf
DOI :
10.1109/NSS.2010.76
Filename :
5635512
Link To Document :
بازگشت