Research on Description Logic Based Conflict Detection Methods for RB-RBAC Model
نویسندگان
چکیده
RB-RBAC (Rule-Based RBAC) provides the mechanism to dynamically assign users to roles based on a finite set of authorization rules defined by the enterprise's security policy. The RB-RBAC family introduces negative authorization, represented by negative roles, which may bring conflict, and conflict detection and resolution become an import work in RB-RBAC policy management. We proposed a formalization of RB-RBAC model by description logic and developed conflict detection methods based on description logic reasoning service. Conflicts can be detected when all authorization rules have been defined, and a revised detection method is also given to improve the system efficiency when dynamically adding new authorization rule to system. Conflicts among related rules and among unrelated rules can be distinguished by these methods. We also demonstrate a simple method to resolve conflict.
منابع مشابه
Edited by
The detection and resolution of constraint conflicts in RBAC have been overlooked and remain a significant research challenge. To address these concerns, in this paper, we classify constraint conflicts into two categories: internal constraint conflicts that occur when two or more constraints are deemed incompatible with each other and external constraint conflicts that occur when the configurat...
متن کاملResearch on access control in grid environment
Role-Based Access Control, for short RBAC, is a security technology that ensures system resources can not be accessed by non-authorized users. It can be used in network security and works well for grid security as well. Based on the research of RBAC model at present the paper proposes a role-based access control model in grid environment. The model still discusses the issues of role authorizati...
متن کاملRepresentation and Reasoning on RBAC: A Description Logic Approach
Role-based access control (RBAC) is recognized as an excellent model for access control in large-scale networked applications. Formalization of RBAC in a logical approach makes it feasible to reason about a specified policy and verify its correctness. We propose a formalization of RBAC by the description logic language ALCQ. We also show that the RBAC constraints can be captured by ALCQ. Furthe...
متن کاملUsing Description Logic to Formalize Role-Based Access Control Model
Role-Based Access Control (RBAC) has been recognized as a strategy which reduces the cost and complexity of security administration in large-scale networked applications. A general family of RBAC models called RBAC96 was proposed by Sandhu et al. [1], which formally defines the relations among user, role and permission using the notion of set membership. Constraints is an important aspect of RB...
متن کاملUAV attitude Sensor Fault Detection Based On Fuzzy Logic and by Neural Network Model Identification
Fault detection has always been important in aviation systems to prevent many accidents. This process is possible in different ways. In this paper, we first identify the longitudinal axis plane model using neural network approach. Then based on the obtained model and using fuzzy logic, the aircraft status sensor fault detection unit was designed. The simulation results show that the fault detec...
متن کامل