Cardinality Constraint Access Control Model and Implementation
نویسندگان
چکیده
Analysis constraints and its diversity in security access control model. Cardinality is a common constraint in access control model. An extended cardinality constraint access control model is established. According to actual demand, we describe the user-role, user-session, role-session cardinality constraints based on the RBAC model. The differences between static and dynamic cardinality constraints are also represented particularly. Describe the extended model with Schema based XML and extend corresponding model functional specification. In order to support the extended model, we give an implementation structure including access control management and query functions.
منابع مشابه
An automatic test case generator for evaluating implementation of access control policies
One of the main requirements for providing software security is the enforcement of access control policies which aim to protect resources of the system against unauthorized accesses. Any error in the implementation of such policies may lead to undesirable outcomes. For testing the implementation of access control policies, it is preferred to use automated methods which are faster and more relia...
متن کاملVisual Approach to Role Mining with Permission Usage Cardinality Constraint
Role Based Access Control (RBAC) is an effective way of managing permissions assigned to a large number of users in an enterprise. This paper offers a new role engineering approach to RBAC, referred to as visual role mining. The key idea is to graphically represent userpermission assignments to enable quick analysis and elicitation of meaningful roles with constraint. There are two algorithms: ...
متن کاملRole Mining under Role-Usage Cardinality Constraint
With the emergence of Role Based Access Control (RBAC) as the de facto access control model, organizations can now implement and manage many high level security policies. As a means of migration from traditional access control systems to RBAC, di↵erent role mining algorithms have been proposed in recent years for finding a minimal set of roles from existing user-permission assignments. While de...
متن کاملGeneralized Temporal Role Based Access Control Model (GTRBAC) Part I Specification and Modeling
A temporal RBAC (TRBAC) model has recently been proposed that addresses the temporalaspects of roles and trigger-based role enabling. However, it is limited to constraints on enablingof roles only. We propose a Generalized Temporal Role Based Access Control model (GTRBAC)that is capable of expressing a wider range of temporal constraints. GTRBAC is capable ofexpressing periodic ...
متن کاملRole mining based on permission cardinality constraint and user cardinality constraint
Constraint is an essential aspect of RBAC and is sometimes argued to be the principle motivation for RBAC. However, most of role mining algorithms don’t consider the constraint. Furthermore, they just compare the least cost of the authorization process while don’t consider how to assess the accuracy of the derived role state, thus providing the motivation for this work. In this paper, we first ...
متن کامل