Security analysis for temporal role based access control

Uzun, Emre, Atluri, Vijayalakshmi, Vaidya, Jaideep, Sural, Shamik, Ferrara, Anna Lisa, Parlato, Gennaro and Madhusudan, P. (2014) Security analysis for temporal role based access control Journal of Computer Security (doi:10.3233/JCS-140510).


[img] PDF JCS Paper.pdf - Other
Download (984kB)


Providing restrictive and secure access to resources is a challenging and socially important problem. Among the many formal security models, Role Based Access Control (RBAC) has become the norm in many of today's organizations for enforcing security. For every model, it is necessary to analyze and prove that the corresponding system is secure. Such analysis helps understand the implications of security policies and helps organizations gain confidence on the control they have on resources while providing access, and devise and maintain policies.

In this paper, we consider security analysis for the Temporal RBAC (TRBAC), one of the extensions of RBAC. The TRBAC considered in this paper allows temporal restrictions on roles themselves, user-permission assignments (UA), permission-role assignments (PA), as well as role hierarchies (RH). Towards this end, we first propose a suitable administrative model that governs changes to temporal policies. Then we propose our security analysis strategy, that essentially decomposes the temporal security analysis problem into smaller and more manageable RBAC security analysis sub-problems for which the existing RBAC security analysis tools can be employed. We then evaluate them from a practical perspective by evaluating their performance using simulated data sets.

Item Type: Article
Digital Object Identifier (DOI): doi:10.3233/JCS-140510
Subjects: H Social Sciences > HE Transportation and Communications
Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Organisations: Electronic & Software Systems
ePrint ID: 366414
Date :
Date Event
19 June 2014Published
Date Deposited: 26 Jun 2014 10:51
Last Modified: 17 Apr 2017 13:35
Further Information:Google Scholar

Actions (login required)

View Item View Item