A Verifiable Modeling Approach to Configurable Role-Based Access Control
Authors
Abstract
Role-based access control (RBAC) is a popular access control model for enterprise systems due to its economic benefit and scalability. There are many RBAC features available, each providing a different feature. Not all features are needed for an RBAC system. Depending on the requirements, one should be able to configure RBAC by selecting only those features that are needed for the requirements. However, there have not been suitable methods that enable RBAC configuration at the feature level. This paper proposes an approach for systematic RBAC configuration using a combination of feature modeling and UML modeling. The approach describes feature modeling and design principles for specifying and verifying RBAC features and a composition method for building configured RBAC. We demonstrate the approach by building an RBAC configuration for a bank application.
Similar resources
A Feature-Based Modeling Approach to Configuring Privacy and Temporality in RBAC
Role-Based Access Control (RBAC) has been increasingly popular due to its efficiency, flexibility, and scalability. Traditionally, RBAC is concerned with Separation of Duty (SoD) among roles and role hierarchies. However, there have been demands for extensions of RBAC as environments of RBAC systems have changed. As part of response to the demands, privacy RBAC and temporal RBAC have been propo...
Employing UML and OCL for designing and analysing role-based access control
Stringent security requirements of organizations like banks or hospitals frequently adopt role-based access control (RBAC) principles to represent and simplify their internal permission management. While representing a fundamental advanced RBAC concept enabling precise restrictions on access rights, authorization constraints increase the complexity of the resulting security policies so that too...
Employing UML and OCL for Designing and Analyzing Role-Based Access Control
Stringent security requirements of organizations like banks or hospitals frequently adopt role-based access control (RBAC) principles to represent and simplify their internal permission management. While representing a fundamental advanced RBAC concept enabling precise restrictions on access rights, authorization constraints increase the complexity of the resulting security policies so that too...
Specification and Verification of a Context-Based Access Control Framework for Cyber Physical Systems
Arjmand Samuel, Hammad Haseeb, Arif Ghafoor and Elisa Bertino. Abstract: Cyber Physical Systems (CPS) are complex systems that operate in a dynamic environment where security characteristics of contexts are unique, and uniform access to secure resources anywhere anytime to mobile entities poses daunting challenges. To capture context parameters such as location and time in an access control polic...
Enforcing RBAC Policies over Data Stored on Untrusted Server (Extended Version)
One of the security issues in data outsourcing is the enforcement of the data owner’s access control policies. This includes some challenges. The first challenge is preserving confidentiality of data and policies. One of the existing solutions is encrypting data before outsourcing which brings new challenges; namely, the number of keys required to access authorized resources, efficient policy u...