FORMAL DECISION MODELING FOR ROLE-BASED ACCESS CONTROL POLICIES
نویسندگان
چکیده
Role-Based Access Control (RBAC) has been widely used in information systems, including so-called critical systems. In business, workflows are to control the flow of processes. One major issues concerning these processes is be able verify that a proposed process model strictly corresponds specifications which it supposed respond. models describe frameworks dictate permissions. The RBAC generally static, i.e. access decisions are: grant or deny. Dynamic and flexible required. order increase flexibility control, notion decision proposed. Decisions execute requirements fulfilled. main this article use produce dynamic model. Our augments dynamics It allows dynamically assigning For illustration, Feather's meeting management system used. Finally, first-order logic analyze validity
منابع مشابه
Toward Formal Verification of Role-Based Access Control Policies
Specifying and managing access control policies is a challenging problem. We propose to develop formal verification techniques for access control policies to improve the current state of the art of policy specification and management. In this paper, we formalize classes of security analysis problems in the context of Role-Based Access Control. We show that in general, these problems are PSPACE-...
متن کاملA comprehensive modeling framework for role-based access control policies
Prohibiting unauthorized access to critical resources and data has become a major requirement for enterprises. Access control (AC) mechanisms manage requests from users to access system resources; the access is granted or denied based on authorization policies defined within the enterprise. One of the most used AC paradigms is role-based access control (RBAC). In RBAC, access rights are determi...
متن کاملA formal role-based access control model for security policies in multi-domain mobile networks
Mobile users present challenges for security in multi-domain mobile networks. The actions of mobile users moving across security domains need to be specified and checked against domain and inter-domain policies. We propose a new formal security policy model for multi-domain mobile networks, called FPM-RBAC, Formal Policy Model for Mobility with Role Based Access Control. FPM-RBAC supports the s...
متن کاملFormal Analysis of Access Control Policies
We present a formal (model-based) approach to describing and analysing access control policies. This approach allows us to evaluate access requests against policies, compare versions of policies with each other and check policies for internal consistency. Access control policies are described using VDM, a statebased formal modelling language. Policy descriptions are concise and may be easily ma...
متن کاملParameterized Role-Based Access Control Policies for XML Documents
Role-based access control policies (RBACPs) are often used to provide access to fragments of static XML documents. There are various implementations of such RBACPs, including those that disseminate a single document superencrypted with multiple cryptographic keys, in such a way that the stated policy is enforced. However, most existing approaches are subject to role proliferation, especially in...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Advances in Mathematics
سال: 2023
ISSN: ['1857-8365', '1857-8438']
DOI: https://doi.org/10.37418/amsj.12.3.4