Representation and Reasoning on Role-Based Access Control Policies with Conceptual Graphs
نویسندگان
چکیده
This paper focused on two aspects of access control: graphical representation and reasoning. Access control policies describe which operations on resources are granted to users. Role-based access control is the model which introduces the concept of role to design user’ permissions. Actually, there is a lack of tools allowing security officers to describe and reason on their policies graphically. Thanks to conceptual graphs, we can provide a consistent graphical formalism for role-based access control policies, able to deal with specificities of this model such as role hierarchy and constraints. Moreover, once a policy modelled within CGs, graph rules and chainings can be used to reason on it. Thus, allowing SOs to understand why (through wich role assignment) user’ permissions are granted and to find constraints violated by assignments.
منابع مشابه
On Conceptual Graphs and Explanation of Query Answering under Inconsistency
Conceptual Graphs are a powerful visual knowledge representation language. In this paper we are interested in the use of Conceptual Graphs in the setting of Ontology Based Data Access, and, more specifically, in reasoning in the presence of inconsistency. We present different explanation heuristics of query answering under inconsistency and show how they can be implemented under the Conceptual ...
متن کاملEnforcing RBAC Policies over Data Stored on Untrusted Server (Extended Version)
One of the security issues in data outsourcing is the enforcement of the data owner’s access control policies. This includes some challenges. The first challenge is preserving confidentiality of data and policies. One of the existing solutions is encrypting data before outsourcing which brings new challenges; namely, the number of keys required to access authorized resources, efficient policy u...
متن کاملConceptual graphs at work : efficient reasoning and applications
This thesis describes original research in the field of knowledge representation and reasoning by presenting novel extensions to the Conceptual Graphs Model, which increase their reasoning capabilities and conceptual modelling applicability in Artificial Intelligence. Conceptual Graphs benefit from graph-based reasoning mechanisms, plug-in capabilities over existing data structures and good vis...
متن کاملA semantic-aware role-based access control model for pervasive computing environments
Access control in open and dynamic Pervasive Computing Environments (PCEs) is a very complex mechanism and encompasses various new requirements. In fact, in such environments, context information should be used in access control decision process; however, it is not applicable to gather all context information completely and accurately all the time. Thus, a suitable access control model for PCEs...
متن کاملLink-based Reasoning on Conceptual Graphs
In the real world, relationships between objects (for example, dependencies among them) play an important role. Therefore, knowledge representation formalism should offer powerful enough capabilities to represent them. In this paper, we aim to represent complex relations among all kinds of concepts, and to express the dynamic behaviour associated to such relations, and exploit it for deduction ...
متن کامل