The University of Southampton
University of Southampton Institutional Repository

Security analysis for temporal role based access control


Uzun, Emre, Atluri, Vijayalakshmi, Vaidya, Jaideep, Sural, Shamik, Ferrara, Anna Lisa, Parlato, Gennaro and Madhusudan, P. (2014) Security analysis for temporal role based access control. Journal of Computer Security. (doi:10.3233/JCS-140510).

Record type: Article

Abstract

Providing restrictive and secure access to resources is a challenging and socially important problem. Among the many formal security models, Role Based Access Control (RBAC) has become the norm in many of today's organizations for enforcing security. For every model, it is necessary to analyze and prove that the corresponding system is secure. Such analysis helps in understanding the implications of security policies, and helps organizations gain confidence in the control they have over resources while providing access, and devise and maintain policies.

In this paper, we consider security analysis for Temporal RBAC (TRBAC), one of the extensions of RBAC. The TRBAC considered in this paper allows temporal restrictions on roles themselves, user-permission assignments (UA), permission-role assignments (PA), as well as role hierarchies (RH). Towards this end, we first propose a suitable administrative model that governs changes to temporal policies. Then we propose our security analysis strategy, which essentially decomposes the temporal security analysis problem into smaller and more manageable RBAC security analysis sub-problems for which the existing RBAC security analysis tools can be employed. We then evaluate them from a practical perspective by evaluating their performance using simulated data sets.

More information

e-pub ahead of print date: 16 December 2014
Published date: 16 December 2014
Organisations: Electronic & Software Systems

Identifiers

Local EPrints ID: 366414
URI: http://eprints.soton.ac.uk/id/eprint/366414
PURE UUID: 22488ce3-6cee-4b51-b1f6-373dcf4bca44

Catalogue record

Date deposited: 26 Jun 2014 10:51
Last modified: 14 Mar 2024 17:08

Contributors

Author: Emre Uzun
Author: Vijayalakshmi Atluri
Author: Jaideep Vaidya
Author: Shamik Sural
Author: Anna Lisa Ferrara
Author: Gennaro Parlato
Author: P. Madhusudan
