Term Rewriting for Access Control

نویسندگان

  • Steve Barker
  • Maribel Fernández
چکیده

We demonstrate how access control models and policies can be represented by using term rewriting systems, and how rewriting may be used for evaluating access requests and for proving properties of an access control policy. We focus on two kinds of access control models: discretionary models, based on access control lists (ACLs), and rolebased access control (RBAC) models. For RBAC models, we show that we can specify several variants, including models with role hierarchies, and constraints and support for security administrator review querying.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

The 2007 Federated Conference on Rewriting, Deduction and Programming Workshop on Security and Rewriting Techniques Program Commitee Diffie-hellman Cryptographic Reasoning in the Maude-nrl Protocol Analyzer 29 Rewriting and Reachability for Software Security Action-status Access Control as Term Rewriting

We propose an access control model that generalizes Role-Based Access Control by making a distinction between what we call ascribed status and action status. The model is based upon the key notion of an event to enable changes in access control requirements to be performed autonomously. Our access control model is specified as a term rewriting system that permits declarative representation of a...

متن کامل

Action-Status Access Control as Term Rewriting

We propose an access control model that generalizes RoleBased Access Control by making a distinction between what we call ascribed status and action status. The model is based upon the key notion of an event to enable changes in access control requirements to be performed autonomously. Our access control model is specified as a term rewriting system that permits declarative representation of ac...

متن کامل

Rewriting-Based Access Control Policies

In this paper we propose a formalization of access control policies based on term rewriting. The state of the system to which policies are enforced is represented as an algebraic term, what allows to model many aspects of the policy environment. Policies are represented as sets of rewrite rules, whose evaluation produces deterministic authorization decisions. We discuss the relation between pro...

متن کامل

Modular Access Control Via Strategic Rewriting

Security policies, in particular access control, are fundamental elements of computer security. We address the problem of authoring and analyzing policies in a modular way using techniques developed in the field of term rewriting, focusing especially on the use of rewriting strategies. Term rewriting supports a formalization of access control with a clear declarative semantics based on equation...

متن کامل

Dynamic Event-Based Access Control as Term Rewriting

Despite the widespread adoption of Role-based Access Control (RBAC) models, new access control models are required for new applications for which RBAC may not be especially well suited and for which implementations of RBAC do not enable properties of access control policies to be adequately defined and proven. To address these issues, we propose a form of access control model that is based upon...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2006