Reasoning about Relation Based Access Control

Artale, Alessandro and Crispo, Bruno and Giunchiglia, Fausto and Turkmen, Fatih and Zhang, Rui (2010) Reasoning about Relation Based Access Control. UNSPECIFIED. (In Press)

Download (291Kb) | Preview


    Relation Based Access Control (RelBAC) is an access control model that places permissions as first class concepts. Under this model, we discuss in this paper how to formalize typical access control policies with Description Logics. Important security properties, i.e., Separation of Duties (SoD) and Chinese Wall are studied and formally represented in RelBAC. To meet the needs of automated tools for administrators, we show that RelBAC can formalize and answer queries about access control requests and administrative checks resorting to the reasoning services of the underlying Description Logic.

    Item Type: Departmental Technical Report
    Department or Research center: Information Engineering and Computer Science
    Subjects: Q Science > QA Mathematics > QA076 Computer software
    Uncontrolled Keywords: Access Control models, Description Logics
    Additional Information: In the proceedings of the 4th International Conference on Network and System Security (NSS 2010), Melbourne, Australia, September 1-3, 2010.
    Report Number: DISI-10-040
    Repository staff approval on: 29 Jun 2010

    Actions (login required)

    View Item