Security analysis for temporal role based access control
Providing restrictive and secure access to resources is a challenging and socially important problem. Among the many formal security models, Role Based Access Control (RBAC) has become the norm in many of today's organizations for enforcing security. For every model, it is necessary to analyze and prove that the corresponding system is secure. Such analysis helps understand the implications of security policies and helps organizations gain confidence on the control they have on resources while providing access, and devise and maintain policies.
In this paper, we consider security analysis for the Temporal RBAC (TRBAC), one of the extensions of RBAC. The TRBAC considered in this paper allows temporal restrictions on roles themselves, user-permission assignments (UA), permission-role assignments (PA), as well as role hierarchies (RH). Towards this end, we first propose a suitable administrative model that governs changes to temporal policies. Then we propose our security analysis strategy, that essentially decomposes the temporal security analysis problem into smaller and more manageable RBAC security analysis sub-problems for which the existing RBAC security analysis tools can be employed. We then evaluate them from a practical perspective by evaluating their performance using simulated data sets.
Uzun, Emre
Atluri, Vijayalakshmi
Vaidya, Jaideep
Sural, Shamik
Ferrara, Anna Lisa
Parlato, Gennaro
Madhusudan, P.
16 December 2014
Uzun, Emre, Atluri, Vijayalakshmi, Vaidya, Jaideep, Sural, Shamik, Ferrara, Anna Lisa, Parlato, Gennaro and Madhusudan, P. (2014) Security analysis for temporal role based access control. Journal of Computer Security. (doi:10.3233/JCS-140510).
Text
JCS Paper.pdf
- Other
More information
e-pub ahead of print date: 16 December 2014
Published date: 16 December 2014
Organisations:
Electronic & Software Systems
Identifiers
Local EPrints ID: 366414
URI: http://eprints.soton.ac.uk/id/eprint/366414
PURE UUID: 22488ce3-6cee-4b51-b1f6-373dcf4bca44
Catalogue record
Date deposited: 26 Jun 2014 10:51
Last modified: 14 Mar 2024 17:08
Contributors
Author: Emre Uzun
Author: Vijayalakshmi Atluri
Author: Jaideep Vaidya
Author: Shamik Sural
Author: Anna Lisa Ferrara
Author: Gennaro Parlato
Author: P. Madhusudan