Relation Based Access Control: Logic and Policies

Giunchiglia, Fausto and Zhang, Rui and Crispo, Bruno and Artale, Alessandro (2010) Relation Based Access Control: Logic and Policies. UNSPECIFIED. (Unpublished)

Download (431Kb) | Preview


    The Web 2.0, GRID applications and more recently semantic desktop applications are bringing the Web to a situation where more and more data and metadata are shared and made available to large user groups. Things are further complicated by the highly unpredictable and autonomous dynamics of data, users, permissions and access control rules. For this novel scenario, a new access control model, Relation-Based Access Control (RelBAC) is proposed which allows subjects, objects and permissions to be dened independently. The key property which makes this possible is that permissions are modeled as relations between subjects and objects. RelBAC is formalized using the Description Logic ALCQIBO, which allows to perform policy management, e.g., Separation of Duties via automated reasoning.

    Item Type: Departmental Technical Report
    Department or Research center: Information Engineering and Computer Science
    Subjects: Q Science > QA Mathematics > QA076 Computer software
    Report Number: DISI-10-053
    Repository staff approval on: 28 Oct 2010

    Actions (login required)

    View Item