Data Structures for Constraint Enforcement in Role-based Systems
نویسنده
چکیده
Constraints are an important aspect of role-based models. Several types of constraints, such as separation of duty constraints, cardinality constraints and temporal constraints have been identified in the literature. Although the specification of constraints has received significant research interest, there has been little work on the development of an efficient constraint enforcement model. In particular there does not exist a model for the data structures that are referenced and maintained by the constraint enforcement mechanism. In this paper, we define a formal model for such data structures that record salient information to be used by the constraint enforcement mechanism. We introduce the concept of a constraint evaluation structure that is used by the constraint enforcement mechanism to determine whether granting a request would violate a constraint. Two particular constraint evaluation structures form part of the runtime model we introduce in order to enforce dynamic constraints.
منابع مشابه
Enforcing RBAC Policies over Data Stored on Untrusted Server (Extended Version)
One of the security issues in data outsourcing is the enforcement of the data owner’s access control policies. This includes some challenges. The first challenge is preserving confidentiality of data and policies. One of the existing solutions is encrypting data before outsourcing which brings new challenges; namely, the number of keys required to access authorized resources, efficient policy u...
متن کاملA Cluster-Based Hybrid broadcasting mechanism for Quantum Systems with Power Management and delay Constraint in the MAC sub-layer
متن کامل
SEQUENTIAL PENALTY HANDLING TECHNIQUES FOR SIZING DESIGN OF PIN-JOINTED STRUCTURES BY OBSERVER-TEACHER-LEARNER-BASED OPTIMIZATION
Despite comprehensive literature works on developing fitness-based optimization algorithms, their performance is yet challenged by constraint handling in various engineering tasks. The present study, concerns the widely-used external penalty technique for sizing design of pin-jointed structures. Observer-teacher-learner-based optimization is employed here since previously addressed by a number ...
متن کاملAn Adaptable Approach for Integrity Control in Federated Database Systems
In database federations the integrity problem arises from the degree of heterogeneity and autonomy of participating component database systems. This causes integrity control more complicate than that in traditional centralized database systems. Semantic integrity should be considered in two phases: constraint federation and constraint enforcement. Otherwise, the administrators of component data...
متن کاملPrivacy Enforcement with an Extended Role-Based Access Control Model
Privacy enforcement has been one of the most important challenges in IT area. Current privacy practices within companies and organizations, e.g. enabling a P3P compliant policy, incorporating a privacy seal program, etc., cannot truly protect consumer privacy. Privacy protection can only be achieved by enforcing privacy policies within an organization’s online and offline data processing system...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2005