Using Description Logics in Relation Based Access Control

نویسندگان

  • Rui Zhang
  • Alessandro Artale
  • Fausto Giunchiglia
  • Bruno Crispo
چکیده

Relation Based Access Control (RelBAC ) is an access control model designed for the new scenarios of access control on Web 2.0. Under this model, we discuss in this paper how to formalize with Description Logics the typical authorization problems of access control together with the enforcement of an important security property: Separation of Duties (SoD) and some high level security policies about the composition of those subjects on which to separate the duties.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

A Formal Perspective on Relation Based Access Control

Relation Based Access Control (RelBAC ) is an access control model designed for the new scenarios of access control on Web 2.0. Under this model, we discuss in this paper how to formalize typical access control policies with Description Logics. Important security properties, i.e., Separation of Duties (SoD) and Chinese Wall constraints are studied and formally represented in RelBAC with the exp...

متن کامل

Design and Run Time Reasoning with Relbac

Relation-Based Access Control (RelBAC) is an access control model for the Web scenarios, which represents permissions as relations between users and objects. By exploiting the formalization of RelBAC model in Description Logics (DL), sophisticated access control policies can be directly encoded as DL formulas. This facilitates the administration with design time reasoning on hierarchies, member...

متن کامل

Formalizing XACML Using Defeasible Description Logics

XACML has emerged as a popular access control language on the Web, but because of its rich expressiveness, it has proved difficult to analyze in an automated fashion. Previous attempts to analyze XACML policies either use propositional logic or full First-Order logic. In this paper, we present a formalization of XACML using Description Logics (DL) . This formalization allows us to extend the su...

متن کامل

Description Logics for Information

In this paper we would like to present some preliminary ideas on the possibility of using prin-cipled Knowledge Representation techniques { speciically Description Logics { in order to support conceptual modeling and exible access to Information Systems. In recent years, applications based on database tools and those based on Description Logic systems are progressively converging towards integr...

متن کامل

A Modal Deconstruction of Access Control Logics

We present a translation from a logic of access control with a “says” operator to the classical modal logic S4. We prove that the translation is sound and complete. We also show that it extends to logics with boolean combinations of principals and with a “speaks for” relation. While a straightforward definition of this relation requires second-order quantifiers, we use our translation for obtai...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2009