A formal model for flat role-based access control

Khayat, E. J. and Abdallah, A. E. (2003) A formal model for flat role-based access control. In: Computer Systems and Applications, 2003. Book of Abstracts. ACS/IEEE International Conference. IEEE Conference Publications, p. 75. ISBN 0-7803-7983-7

Full text not available from this repository.

Abstract

Summary form only given. Role-based access control (RBAC) is very useful for providing a high level description of access control. It enables a better understanding of the security problems in an institution because it bridges the gap between their technical aspects and their managerial descriptions. Several models have been devised to describe RBAC. However, the definitions of some of the concepts of RBAC, such as subject, role and permission, were open to many interpretations. Also, the devised models for RBAC did not detail the analysis of the access operations in RBAC. We formalize each of the basic concepts of RBAC for their definitions to be clear and precise. Based on these definitions, a formal state-based model for flat role-based access control (FRBAC) is constructed and described in the specification notation Z. This approach permits the close examination of the states in the system. Consequently, it helps to analyse in depth the access operations of RBAC. The model is also refined by supporting the concepts of active roles and private permissions. In the future, the model can be enhanced by extending it to model the delegation and revocation of roles. Other developments of this model include the support of the separation of duty constraints.

Item Type: Book Section
Uncontrolled Keywords: Role-Based Access Control, Authorisation, Security, Formal Methods, Z Specification.
Subjects: G400 Computer Science
Divisions: Faculty of Computing, Engineering and the Built Environment
Faculty of Computing, Engineering and the Built Environment > School of Computing and Digital Technology
Faculty of Computing, Engineering and the Built Environment > School of Computing and Digital Technology > Cyber Security
UoA Collections > UoA11: Computer Science and Informatics
Depositing User: Oana-Andreea Dumitrascu
Date Deposited: 07 Apr 2017 10:23
Last Modified: 07 Apr 2017 10:23
URI: http://www.open-access.bcu.ac.uk/id/eprint/4218
