Relation Based Access Control (RelBAC) is an access control model designed for the new scenarios of access control on Web 2.0. Under this model, we discuss in this paper how to formalize typical access control policies with Description Logics. Important security properties, i.e., Separation of Duties (SoD) and ChineseWall constraints are studied and formally represented in RelBAC with the expressive DL ALCQIBO. To meet the needs of automated tools for administrators, RelBAC can formalize and answer queries about access control requests and administrative checks resorting to the reasoning services of the underlying Description Logic.
A Formal Perspective on Relation Based Access Control / Artale, Alessandro; Crispo, Bruno; Zhang, Rui; Giunchiglia, Fausto. - ELETTRONICO. - (2009), pp. 1-17.
A Formal Perspective on Relation Based Access Control
Crispo, Bruno;Zhang, Rui;Giunchiglia, Fausto
2009-01-01
Abstract
Relation Based Access Control (RelBAC) is an access control model designed for the new scenarios of access control on Web 2.0. Under this model, we discuss in this paper how to formalize typical access control policies with Description Logics. Important security properties, i.e., Separation of Duties (SoD) and ChineseWall constraints are studied and formally represented in RelBAC with the expressive DL ALCQIBO. To meet the needs of automated tools for administrators, RelBAC can formalize and answer queries about access control requests and administrative checks resorting to the reasoning services of the underlying Description Logic.| File | Dimensione | Formato | |
|---|---|---|---|
|
069.pdf
accesso aperto
Tipologia:
Versione editoriale (Publisher’s layout)
Licenza:
Tutti i diritti riservati (All rights reserved)
Dimensione
305.45 kB
Formato
Adobe PDF
|
305.45 kB | Adobe PDF | Visualizza/Apri |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione
