Zhang, Rui and Crispo, Bruno and Giunchiglia, Fausto (2008) Design and Run Time Reasoning with RelBAC. UNSPECIFIED. (Submitted)
Abstract
Relation-Based Access Control (RelBAC) is an access control model for the Web scenarios, which represents permissions as relations between users and objects. By exploiting the formalization of RelBAC model in Description Logics (DL), sophisticated access control policies can be directly encoded as DL formulas. This facilitates the administration with design time reasoning on hierarchies, memberships, propagations, separation of duties, etc. and helps with run time reasoning to make access control decisions. All these reasoning can be performed through state of the art, off-the-shelf DL reasoners.
Item Type: | Departmental Technical Report |
Department or Research center: | Information Engineering and Computer Science |
Subjects: | Q Science > QA Mathematics > QA076 Computer software |
Uncontrolled Keywords: | RelBAC, Reasoning, Web |
Additional Information: | Categories and Subject Descriptors: K.6.5 [Management of Computing and Information Systems] Security and Protection-Authentication, Unauthorized access. General Terms: Access Control. |
Report Number: | DISI-08-062 |
Repository staff approval on: | 11 Mar 2009 |
---|
Actions (login required)