Temporal Hierarchy and Inheritance Semantics for GTRBAC
نویسندگان
چکیده
A Generalized Temporal Role Based Access Control (GTRBAC) model that captures an exhaustive set of temporal constraint needs for access control has recently been proposed. GTRBAC’s language constructs allow one to specify various temporal constraints on role, userrole assignments and role-permission assignments. However, the presence of temporal constraints on role enablings and role activations can have various implications on a role hierarchy. In this paper, we present an analysis of the effects of GTRBAC temporal constraints on a role hierarchy and introduce various kinds of temporal hierarchies. In particular, we show that there are certain distinctions that need to be made in permission inheritance and role activation semantics in order to capture all the effects of GTRBAC constraints such as role enablings and role activations on a role hierarchy. Portions of this work were supported by the sponsors of the Center for Education and Research in Information Assurance and Security (CERIAS)
منابع مشابه
Hybrid Role Hierarchy for Generalized Temporal Role Based Access Control Model
Generalized Temporal Role Based Access Control (GTRBAC) model that captures an exhaustive set of temporal constraint needs for access control has recently been proposed. GTRBAC’s language constructs allow one to specify various temporal constraints on role, user-role assignments and role-permission assignments. In this paper, we present the notion of different types of role hierarchies based on...
متن کاملCERIAS Tech Report 2006-25 FORMAL FOUNDATIONS FOR HYBRID HIERARCHIES IN GTRBAC
A role hierarchy defines semantics related to permission acquisitions and role activations through role-role relationships. It can be utilized for efficiently and effectively structuring functional roles of an organization having related access control needs. Temporal constraints on role enablings and role activations can have various implications on such a role hierarchy. The focus of this pap...
متن کاملGeneralized Temporal Role Based Access Control Model (GTRBAC) Part II Expressiveness and Design Issues
The Generalized Temporal Role Based Access Control (GTRBAC) model introduces a large set oftemporal constraint expressions that facilitates the specification of a comprehensive accesscontrol policy. However, the issue of its expressiveness has not been investigated earlier. In thispaper, we present an exhaustive analysis of the expressiveness of the constructs provided byGTRBAC ...
متن کاملGeneralized Temporal Role Based Access Control Model (GTRBAC) Part I Specification and Modeling
A temporal RBAC (TRBAC) model has recently been proposed that addresses the temporalaspects of roles and trigger-based role enabling. However, it is limited to constraints on enablingof roles only. We propose a Generalized Temporal Role Based Access Control model (GTRBAC)that is capable of expressing a wider range of temporal constraints. GTRBAC is capable ofexpressing periodic ...
متن کاملA Stable Model Semantics for Behavioral
We present a model for deductive object oriented query languages with inheritance and overriding. In this model, we consider a DAG like dynamic isa hierarchy and we account for both value or attribute inheritance and method inheritance or code sharing. We show that these two types of inheritance can be treated uniformly within an elegant declarative setting. We then propose a novel semantics fo...
متن کامل