Analyzing temporal role based access control models


Uzun, Emre, Atluri, Vijayalakshmi, Sural, Shamik, Vaidya, Jaideep, Gennaro, Parlato, Ferrara, Anna Lisa and Madhusudan, P. (2012) Analyzing temporal role based access control models. 17th ACM Symposium on Access Control Models and Technologies, SACMAT '12, 177-186.


Description/Abstract

Today, Role Based Access Control (RBAC) is the de facto model used for advanced access control, and is widely deployed in diverse enterprises of all sizes. Several extensions to the authorization as well as the administrative models for RBAC have been adopted in recent years. In this paper, we consider the temporal extension of RBAC (TRBAC), and develop safety analysis techniques for it. Safety analysis is essential for understanding the implications of security policies both at the stage of specification and modification. Towards this end, in this paper, we first define an administrative model for TRBAC. Our strategy for performing safety analysis is to appropriately decompose the TRBAC analysis problem into multiple subproblems similar to RBAC. Along with making the analysis simpler, this enables us to leverage and adapt existing analysis techniques developed for traditional RBAC. We have adapted and experimented with employing two state of the art analysis approaches developed for RBAC as well as tools developed for software testing. Our results show that our approach is both feasible and flexible.

Item Type: Article
Organisations: Electronic & Software Systems
ePrint ID: 340533
Date: 20 June 2012 (Published)
Date Deposited: 23 Jun 2012 23:41
Last Modified: 23 Feb 2017 07:15
URI: http://eprints.soton.ac.uk/id/eprint/340533
