Automated and efficient analysis of administrative temporal RBAC policies with role hierarchies

IRIS

Temporal role-based access control models support the specification and enforcement of several temporal constraints on role enabling, role activation, and temporal role hierarchies among others. In this paper, we define three mappings that preserve the solutions to a class of policy problems: they map security analysis problems in presence of static temporal role hierarchies to problems without them. We show how our mappings can be used to extend the capabilities of a tool for the analysis of administrative temporal role-based access control policies to reason in presence of temporal role hierarchies. We carried out an experimental evaluation with a prototype implementation, which highlighted that one of the proposed mappings behaves better than the other two. To the best of our knowledge, ours is the first tool capable of reasoning with (static) temporal role hierarchies.

Automated and efficient analysis of administrative temporal RBAC policies with role hierarchies / Ranise, S.; Truong, A.; Vigano, L.. - In: JOURNAL OF COMPUTER SECURITY. - ISSN 0926-227X. - 26:4(2018), pp. 423-458. [10.3233/JCS-15756]

Automated and efficient analysis of administrative temporal RBAC policies with role hierarchies

Ranise S.;Truong A.;Vigano L.

2018-01-01

Abstract

Temporal role-based access control models support the specification and enforcement of several temporal constraints on role enabling, role activation, and temporal role hierarchies among others. In this paper, we define three mappings that preserve the solutions to a class of policy problems: they map security analysis problems in presence of static temporal role hierarchies to problems without them. We show how our mappings can be used to extend the capabilities of a tool for the analysis of administrative temporal role-based access control policies to reason in presence of temporal role hierarchies. We carried out an experimental evaluation with a prototype implementation, which highlighted that one of the proposed mappings behaves better than the other two. To the best of our knowledge, ours is the first tool capable of reasoning with (static) temporal role hierarchies.

Scheda breve

Scheda completa

Scheda completa (DC)

	Anno di pubblicazione (Date of publication)
	
			2018
		
	Titolo del periodico (Journal title)
	
			JOURNAL OF COMPUTER SECURITY
		
	Numero e parte del fascicolo (Issue number and part)
	
			4
		
	DOI
	
			https://dx.doi.org/10.3233/JCS-15756
		
	Codice Scopus (Scopus identifier)
	
			2-s2.0-85050405639
		
	Codice WOS (WOS identifier)
	
			WOS:000438216400001
		
	Tutti gli autori
	
			Ranise, S.; Truong, A.; Vigano, L.
		
	Citazione
	
			Automated and efficient analysis of administrative temporal RBAC policies with role hierarchies / Ranise, S.; Truong, A.; Vigano, L.. - In: JOURNAL OF COMPUTER SECURITY. - ISSN 0926-227X. - 26:4(2018), pp. 423-458. [10.3233/JCS-15756]
		
	Appare nelle tipologie:
	
			03.1 Articolo su rivista (Journal article)

File in questo prodotto:

Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11572/332955

Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni

ND

2

2

social impact