Name
Abstract | ||
|---|---|---|
This paper evaluates the security specification techniques that employ Role Based Access Control (RBAC) variants. RBAC offers a special kind of access control mechanism based on the use of roles to grant permissions. Its variants include role hierarchy and separation of duty (SoD) constraints. The overall management of a RBAC supported system is made through its administrative, review and supporting system functions. In this paper, a summary of semi-formal and formal techniques employing RBAC is provided along with their benefits and limitations. Here, semi-formal techniques refer to UML+OCL while formal ones are based on Alloy. This paper may guide through the process of selecting an appropriate technique to specify security rules. This is done by analyzing the degree of coverage of RBAC including some extensions like SoD and role hierarchy. We also investigate the use of validation and verification tools in these techniques. We find that formal techniques are more amenable to automated analysis as compared to semi-formal ones. Semi-formal techniques are rich in specifying RBAC variants but have prototypic tools. Session based dynamic aspects of RBAC have been partly covered in both techniques. |
Year | DOI | Venue |
|---|---|---|
2011 | 10.1109/ARES.2011.112 | Availability, Reliability and Security |
Keywords | Field | DocType |
role hierarchy,rbac supported techniques,semi-formal technique,appropriate technique,system function,security specification technique,security rule,formal technique,rbac variant,access control mechanism,access control,formal specification,validation and verification,availability,role based access control,separation of duty,authorisation,rbac,scalability,verification and validation,formal verification,unified modeling language,metals | Data mining,Unified Modeling Language,Verification and validation,Computer security,Computer science,Role-based access control,Formal specification,Role hierarchy,Access control,Separation of duties,Formal verification | Conference |
ISBN | Citations | PageRank |
978-0-7695-4485-4 | 7 | 0.52 |
References | Authors | |
20 | 3 | |
Name | Order | Citations | PageRank |
|---|---|---|---|
| Nafees Qamar | 1 | 52 | 7.57 |
| Yves Ledru | 2 | 102 | 12.50 |
| Akram Idani | 3 | 110 | 15.56 |