Analyzing and Managing Role-Based Access Control Policies
نویسندگان
چکیده
منابع مشابه
Con guring Role-Based Access Control to Enforce Mandatory and Discretionary Access Control Policies
Access control models have traditionally included mandatory access control (or lattice-based access control) and discretionary access control. Subsequently, role-based access control has been introduced, along with claims that its mechanisms are general enough to simulate the traditional methods. In this paper we provide systematic constructions for various common forms of both of the tradition...
متن کاملRewriting-Based Access Control Policies
In this paper we propose a formalization of access control policies based on term rewriting. The state of the system to which policies are enforced is represented as an algebraic term, what allows to model many aspects of the policy environment. Policies are represented as sets of rewrite rules, whose evaluation produces deterministic authorization decisions. We discuss the relation between pro...
متن کاملA comprehensive modeling framework for role-based access control policies
Prohibiting unauthorized access to critical resources and data has become a major requirement for enterprises. Access control (AC) mechanisms manage requests from users to access system resources; the access is granted or denied based on authorization policies defined within the enterprise. One of the most used AC paradigms is role-based access control (RBAC). In RBAC, access rights are determi...
متن کاملIncremental Analysis of Evolving Administrative Role Based Access Control Policies
We consider the safety problem for Administrative RoleBased Access Control (ARBAC) policies, i.e. detecting whether sequences of administrative actions can result in policies by which a user can acquire permissions that may compromise some security goals. In particular, we are interested in sequences of safety problems generated by modifications (namely, adding/deleting an element to/from the s...
متن کاملVac - Verifier of Administrative Role-Based Access Control Policies
In this paper we present Vac, an automatic tool for verifying security properties of administrative Role-based Access Control (RBAC). RBAC has become an increasingly popular access control model, particularly suitable for large organizations, and it is implemented in several software. Automatic security analysis of administrative RBAC systems is recognized as an important problem, as an analysi...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: IEEE Transactions on Knowledge and Data Engineering
سال: 2008
ISSN: 1041-4347
DOI: 10.1109/tkde.2008.28