Temporal role-based access control models support the specification and enforcement of several temporal constraints on role enabling, role activation, and temporal role hierarchies among others. In this paper, we define three mappings that preserve the solutions to a class of policy problems: they map security analysis problems in presence of static temporal role hierarchies to problems without them. We show how our mappings can be used to extend the capabilities of a tool for the analysis of administrative temporal role-based access control policies to reason in presence of temporal role hierarchies. We carried out an experimental evaluation with a prototype implementation, which highlighted that one of the proposed mappings behaves better than the other two. To the best of our knowledge, ours is the first tool capable of reasoning with (static) temporal role hierarchies.

Automated and efficient analysis of administrative temporal RBAC policies with role hierarchies / Ranise, S.; Truong, A.; Vigano, L.. - In: JOURNAL OF COMPUTER SECURITY. - ISSN 0926-227X. - 26:4(2018), pp. 423-458. [10.3233/JCS-15756]

Automated and efficient analysis of administrative temporal RBAC policies with role hierarchies

Ranise S.;
2018-01-01

Abstract

Temporal role-based access control models support the specification and enforcement of several temporal constraints on role enabling, role activation, and temporal role hierarchies among others. In this paper, we define three mappings that preserve the solutions to a class of policy problems: they map security analysis problems in presence of static temporal role hierarchies to problems without them. We show how our mappings can be used to extend the capabilities of a tool for the analysis of administrative temporal role-based access control policies to reason in presence of temporal role hierarchies. We carried out an experimental evaluation with a prototype implementation, which highlighted that one of the proposed mappings behaves better than the other two. To the best of our knowledge, ours is the first tool capable of reasoning with (static) temporal role hierarchies.
2018
4
Ranise, S.; Truong, A.; Vigano, L.
Automated and efficient analysis of administrative temporal RBAC policies with role hierarchies / Ranise, S.; Truong, A.; Vigano, L.. - In: JOURNAL OF COMPUTER SECURITY. - ISSN 0926-227X. - 26:4(2018), pp. 423-458. [10.3233/JCS-15756]
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11572/332955
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 2
  • ???jsp.display-item.citation.isi??? 2
  • OpenAlex ND
social impact