Expressing Access Control Policies with an Event-Based Approach
نویسندگان
چکیده
In this paper, we introduce EB3SEC. This language is used to express access control policies in information systems. Permissions and prohibitions are expressed with a class diagram. EB3SEC also includes a process algebra. This process algebra allows one to express specific constraints over permissions and prohibitions. Organizational constraints such as obligation and separation of duty are also supported by process algebra. Separation of duty constraints can be expressed at a workflow process level. Standards such as RBAC or OrBAC can be used to express the access control policy, but their derivatives can also be used. EB3SEC provide a formal language with a high level of expressiveness to describe access control policies.
منابع مشابه
An automatic test case generator for evaluating implementation of access control policies
One of the main requirements for providing software security is the enforcement of access control policies which aim to protect resources of the system against unauthorized accesses. Any error in the implementation of such policies may lead to undesirable outcomes. For testing the implementation of access control policies, it is preferred to use automated methods which are faster and more relia...
متن کاملEnforcing RBAC Policies over Data Stored on Untrusted Server (Extended Version)
One of the security issues in data outsourcing is the enforcement of the data owner’s access control policies. This includes some challenges. The first challenge is preserving confidentiality of data and policies. One of the existing solutions is encrypting data before outsourcing which brings new challenges; namely, the number of keys required to access authorized resources, efficient policy u...
متن کاملA semantic-aware role-based access control model for pervasive computing environments
Access control in open and dynamic Pervasive Computing Environments (PCEs) is a very complex mechanism and encompasses various new requirements. In fact, in such environments, context information should be used in access control decision process; however, it is not applicable to gather all context information completely and accurately all the time. Thus, a suitable access control model for PCEs...
متن کاملState-based Channel Access for a Network of Control Systems
Wireless networked control systems use shared wireless links to communicate between sensors and controllers, and require a channel access policy to arbitrate access to the links. Existing multiple access protocols perform this role in an agnostic manner, by remaining insular to the applications that run over the network. This approach does not give satisfactory control performance guarantees. T...
متن کاملConformance Checking of RBAC Policies in Process-Aware Information Systems
A process-aware information system (PAIS) is a software system that supports the definition, execution, and analysis of business processes. The execution of process instances is typically recorded in so called event logs. In this paper, we present an approach to automatically generate LTL (Linear Temporal Logic) statements from process-related RBAC (Role-based Access Control) models. These LTL ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2011