Decentralized Temporal Authorization Administration
نویسندگان
چکیده
Access control is a significant issue in any secure database system. In this paper, we develop a logic programming based approach for temporal decentralized authorization administration in which users can be delegated, granted or forbidden some access rights for restricted periods of time. Three major aspects are taken into consideration for the semantics of the program, the temporal authorization delegation correctness, temporal authorization propagation and temporal authorization conflict resolution. In particular, a conflict resolution method based on the underlying delegation relation and temporal relation is presented, which can support controlled temporal delegation, temporal authorization suspension or exception and the automatic authorization update. The approach provides users a useful way to express complex security policy with time constraints.
منابع مشابه
A Logic Model for Temporal Authorization Delegation with Negation
In this paper, we present a logic based approach to temporal decentralized authorization administration that supports time constrained authorization delegations, both positive and negative authorizations, and implicit authorizations. A set of domain-independent rules are given to capture the features of temporal delegation correctness, temporal conflict resolution and temporal authorization pro...
متن کاملDecentralized Administration for a Temporal Access Control Model
In this report we present a temporal access control model that provides for decentralized administration of authorizations. Each access authorization, negative or positive, is associated with a time interval limiting its validity. When the interval expires, the authorization is automatically revoked. The model also permits the speci cation of rules, based on four di erent temporal operators, to...
متن کاملDecentralized Administration in Collaborating Organizations
This paper focuses on a model preventing conflicts generated by applying positive and negative authorizations to users accessing resources in a large networked system. Key–Words: Collaboration, positive and negative authorization
متن کاملAdministration and Autonomy in a Replication-Transparent Distributed DBMS
Administrative issues are of vital importance to organizations adopting distributed database technology. Most research systems and emerging commercial DDBMSs have assumed site autonomy as a guiding principle. This paper presents some general problems associated with autonomy and administration in a DDBMS, and discusses the incompatibility between replication transparency and site autonomy. In a...
متن کاملAn Authorization Architecture for Web Services
This paper considers the authorization service requirements for the service oriented architecture and proposes an authorization architecture for Web services. It describes the architectural framework, the administration and runtime aspects of our architecture and its components for secure authorization of Web services as well as the support for the management of authorization information. The p...
متن کامل