TRBAC
作者: Elisa Bertino , Piero Andrea Bonatti , Elena Ferrari
关键词: Computer security 、 Distributed computing 、 Computer science 、 Specification language 、 Polynomial 、 Role-based access control 、 Role hierarchy 、 Extension (predicate logic) 、 Access control 、 Formal semantics (linguistics)
摘要: Role-based access control (RBAC) models are receiving increasing attention as a generalized approach to control. Roles may be available users at certain time periods, and unavailable others. Moreover, there can temporal dependencies among roles. To tackle such dynamic aspects, we introduce Temporal-RBAC (TRBAC), an extension of the RBAC model. TRBAC supports periodic role enabling disabling---possibly with individual exceptions for particular users---and actions, expressed by means triggers. Role trigger actions either immediately executed, or deferred explicitly specified amount time. Enabling disabling given priority, which is used solve conflicting actions. A formal semantics specification language provided, polynomial safeness check introduced reject ambiguous inconsistent specifications. Finally, system implementing on top conventional DBMS presented.
acm.org
core.ac.uk
sci-hub.se 参考文章(24)
Ravi S. Sandhu, Separation of Duties in Computerized Information Systems. DBSec. pp. 179- 190 ,(1990)
John Wylie Lloyd, Foundations of logic programming ,(1984)
Savith Kandala, Ravi Sandhu, Extending The BFA Workflow Authorization Model to Express Weighted Voting Proceedings of the IFIP WG 11.3 Thirteenth International Conference on Database Security: Research Advances in Database and Information Systems Security. pp. 145- 159 ,(1999) , 10.1007/978-0-387-35508-5_10
Ravi Sandhu, Role Hierarchies and Constraints for Lattice-Based Access Controls european symposium on research in computer security. pp. 65- 79 ,(1996) , 10.1007/3-540-61770-1_28
Ravi S. Sandhu, Role-based Access Control Advances in Computers. ,vol. 46, pp. 237- 286 ,(1998) , 10.1016/S0065-2458(08)60206-5
Dirk Jonscher, Klaus R. Dittrich, Jonathan D. Moffett, Complex Subjects, or: The Striving for Complexity is Ruling our World Proceedings of the IFIP WG11.3 Working Conference on Database Security VII. pp. 19- 37 ,(1993)
Vladimir Lifschitz, Michael Gelfond, The stable model semantics for logic programming international conference on lightning protection. pp. 1070- 1080 ,(1988)
Chitta Baral, Jorge Lobo, Formal Characterization of Active Databases logic in databases. pp. 175- 195 ,(1996) , 10.1007/BFB0031741
Sylvia Osborn, Yuxia Guo, Modeling users in role-based access control Proceedings of the fifth ACM workshop on Role-based access control. pp. 31- 37 ,(2000) , 10.1145/344287.344299
D. Richard Kuhn, Mutual exclusion of roles as a means of implementing separation of duty in role-based access control systems Proceedings of the second ACM workshop on Role-based access control. pp. 23- 30 ,(1997) , 10.1145/266741.266749