The University of Southampton
University of Southampton Institutional Repository

Analyzing temporal role based access control models


Uzun, Emre, Atluri, Vijayalakshmi, Sural, Shamik, Vaidya, Jaideep, Gennaro, Parlato, Ferrara, Anna Lisa and Madhusudan, Parthasarathy (2012) Analyzing temporal role based access control models. In SACMAT '12 Proceedings of the 17th ACM symposium on Access Control Models and Technologies. Association for Computing Machinery. pp. 177-186. (doi:10.1145/2295136.2295169).

Record type: Conference or Workshop Item (Paper)

Abstract

Today, Role Based Access Control (RBAC) is the de facto model used for advanced access control, and is widely deployed in diverse enterprises of all sizes. Several extensions to the authorization as well as the administrative models for RBAC have been adopted in recent years. In this paper, we consider the temporal extension of RBAC (TRBAC), and develop safety analysis techniques for it. Safety analysis is essential for understanding the implications of security policies both at the stage of specification and modification. Towards this end, in this paper, we first define an administrative model for TRBAC. Our strategy for performing safety analysis is to appropriately decompose the TRBAC analysis problem into multiple subproblems similar to RBAC. Along with making the analysis simpler, this enables us to leverage and adapt existing analysis techniques developed for traditional RBAC. We have adapted and experimented with employing two state of the art analysis approaches developed for RBAC as well as tools developed for software testing. Our results show that our approach is both feasible and flexible.

More information

Published date: 20 June 2012
Organisations: Electronic & Software Systems

Identifiers

Local EPrints ID: 340533
URI: http://eprints.soton.ac.uk/id/eprint/340533
PURE UUID: 1840d948-35ab-4924-a0fb-f85527bed6e7

Catalogue record

Date deposited: 23 Jun 2012 23:41
Last modified: 15 Mar 2024 15:44

Contributors

Author: Emre Uzun
Author: Vijayalakshmi Atluri
Author: Shamik Sural
Author: Jaideep Vaidya
Author: Parlato Gennaro
Author: Anna Lisa Ferrara
Author: Parthasarathy Madhusudan
