An Algebraic Model to Analyze Role-Based Access Control Policies

Role-Based Access Control (RBAC) is a well known access control model used to preserve the confidentiality of information by specifying the ability of users to access information based on their roles. Usually these policies would be manipulated by combining or comparing them especially when defined in a distributed way. Furthermore, these policies should satisfy predefined authorization constraints. In this paper, we present an algebraic model for specifying and analyzing RBAC policies. The proposed model enables us to specify policies and verify the satisfaction of predefined authorization constraints. Furthermore, the model allows us to combine policies and analyze their effect on predefined constraints. The model consists of few operators that give simplicity in specifying polices. We present a prototype tool used for facilitating the analysis.

Download Full-text

Modifiedhierarchical privacy-aware role based access control model

Proceedings of the 2012 ACM Research in Applied Computation Symposium on - RACS '12 ◽

10.1145/2401603.2401679 ◽

2012 ◽

Cited By ~ 2

Author(s):

Sanjeev Arora ◽

Eunjee Song ◽

Yoonjeong Kim

Keyword(s):

Access Control ◽

Control Model ◽

Role Based Access Control ◽

Access Control Model ◽

Role Based

Download Full-text

Solving some optimization tasks of assigning roles within the framework of well-known estimates of relative damage from leakage of authority in a role-based access control model

2019 Dynamics of Systems, Mechanisms and Machines (Dynamics) ◽

10.1109/dynamics47113.2019.8944724 ◽

2019 ◽

Author(s):

Sergey V. Usov ◽

Anton N. Mironenko

Keyword(s):

Access Control ◽

Control Model ◽

Role Based Access Control ◽

Access Control Model ◽

Relative Damage ◽

Role Based

Download Full-text

A web application system development platform based on role-based access control model

2010 International Conference on Computer Application and System Modeling (ICCASM 2010) ◽

10.1109/iccasm.2010.5622116 ◽

2010 ◽

Author(s):

Ma Xiao-jun ◽

Yan Xi

Keyword(s):

Access Control ◽

Web Application ◽

System Development ◽

Control Model ◽

Role Based Access Control ◽

Access Control Model ◽

Application System ◽

Development Platform ◽

Web Application System ◽

Role Based

Download Full-text

A formal role-based access control model for security policies in multi-domain mobile networks

Computer Networks ◽

10.1016/j.comnet.2012.09.018 ◽

2013 ◽

Vol 57 (1) ◽

pp. 330-350 ◽

Cited By ~ 14

Author(s):

D. Unal ◽

M.U. Caglayan

Keyword(s):

Access Control ◽

Mobile Networks ◽

Control Model ◽

Security Policies ◽

Role Based Access Control ◽

Access Control Model ◽

Role Based

Download Full-text

HT-RBAC: A Design of Role-based Access Control Model for Microservice Security Manager

10.1109/bdee52938.2021.00038 ◽

2021 ◽

Author(s):

Chittipat Pasomsup ◽

Yachai Limpiyakorn

Keyword(s):

Access Control ◽

Control Model ◽

Role Based Access Control ◽

Access Control Model ◽

Role Based

Download Full-text

An administration concept for the enterprise role-based access control model

Proceedings of the eighth ACM symposium on Access control models and technologies - SACMAT '03 ◽

10.1145/775412.775414 ◽

2003 ◽

Cited By ~ 14

Author(s):

Axel Kern ◽

Andreas Schaad ◽

Jonathan Moffett

Keyword(s):

Access Control ◽

Control Model ◽

Role Based Access Control ◽

Access Control Model ◽

Role Based

Download Full-text

Ex-RBAC: An Extended Role Based Access Control Model for Location-aware Mobile Collaboration System

Second International Conference on Internet Monitoring and Protection (ICIMP 2007) ◽

10.1109/icimp.2007.17 ◽

2007 ◽

Cited By ~ 6

Author(s):

Xiutao Cui ◽

Yuliang Chen ◽

Junzhong Gu

Keyword(s):

Access Control ◽

Control Model ◽

Role Based Access Control ◽

Access Control Model ◽

Location Aware ◽

Role Based ◽

Mobile Collaboration

Download Full-text

Preventing Illegal Information Flow Based on Role-Based Access Control Model

Network-Based Information Systems - Lecture Notes in Computer Science ◽

10.1007/978-3-540-85693-1_26 ◽

2008 ◽

pp. 242-251 ◽

Cited By ~ 1

Author(s):

Tomoya Enokido ◽

Makoto Takizawa

Keyword(s):

Access Control ◽

Information Flow ◽

Control Model ◽

Role Based Access Control ◽

Access Control Model ◽

Role Based

Download Full-text

Privacy-Aware Organisation-Based Access Control Model (PrivOrBAC)

IT Policy and Ethics ◽

10.4018/978-1-4666-2919-6.ch073 ◽

2013 ◽

pp. 1656-1679

Author(s):

Nabil Ajam ◽

Nora Cuppens-Boulahia ◽

Fréderic Cuppens

Keyword(s):

Access Control ◽

Security Policy ◽

Control Model ◽

Role Based Access Control ◽

Access Control Model ◽

Privacy Requirements ◽

Policy Models ◽

Unique Model ◽

Role Based

In this chapter, the authors propose the expression and the modelling of the most important principles of privacy. They deduce the relevant privacy requirements that should be integrated in existing security policy models, such as RBAC models. They suggest the application of a unique model for both access control and privacy requirements. Thus, an access control model is to be enriched with new access constraints and parameters, namely the privacy contexts, which should implement the consent and the notification concepts. For this purpose, the authors introduce the Privacy-aware Organisation role Based Access Control (PrivOrBAC) model.

Download Full-text