Role-Based Access Control: A Simplified Specification∗
نویسندگان
چکیده
This paper describes a simplified and corrected specification of role-based access control (RBAC) based on the specification in the ANSI standard for RBAC. The simplifications and corrections were made while following a systematic method for deriving efficient implementations from straightforward implementations of clear specifications. The method allows specifications to be written clearly without efficiency concerns. We give a complete specification of core RBAC, illustrating the principles we used in developing it; we give a complete specification of hierarchical RBAC, with an additional option for managing the relationship on roles; we describe a specification of constrained RBAC, making extension relationships among RBAC components clear. We then describe principles for developing clear and simpler specifications more extensively, explain the simplifications and corrections we made in comparison with the standard, and summarize our method and results for generating efficient implementations.
منابع مشابه
Role-Based Access Control: A Corrected and Simplified Specification
This paper describes a corrected and simplified specification of role-based access control (RBAC) based on the specification in the ANSI standard for RBAC. We give a complete specification of core RBAC, explaining the methodology we used in developing it; we then give a complete specification of hierarchical RBAC, with an additional option for managing the relationship on roles; and we also des...
متن کاملA semantic-aware role-based access control model for pervasive computing environments
Access control in open and dynamic Pervasive Computing Environments (PCEs) is a very complex mechanism and encompasses various new requirements. In fact, in such environments, context information should be used in access control decision process; however, it is not applicable to gather all context information completely and accurately all the time. Thus, a suitable access control model for PCEs...
متن کاملA context-sensitive dynamic role-based access control model for pervasive computing environments
Resources and services are accessible in pervasive computing environments from anywhere and at any time. Also, due to ever-changing nature of such environments, the identity of users is unknown. However, users must be able to access the required resources based on their contexts. These and other similar complexities necessitate dynamic and context-aware access control models for such environmen...
متن کاملAn automatic test case generator for evaluating implementation of access control policies
One of the main requirements for providing software security is the enforcement of access control policies which aim to protect resources of the system against unauthorized accesses. Any error in the implementation of such policies may lead to undesirable outcomes. For testing the implementation of access control policies, it is preferred to use automated methods which are faster and more relia...
متن کاملA model for specification, composition and verification of access control policies and its application to web services
Despite significant advances in the access control domain, requirements of new computational environments like web services still raise new challenges. Lack of appropriate method for specification of access control policies (ACPs), composition, verification and analysis of them have all made the access control in the composition of web services a complicated problem. In this paper, a new indepe...
متن کامل