Paper Info
Title
Security analysis for temporal role based access control
Abstract
Providing restrictive and secure access to resources is a challenging and socially important problem. Among the many formal security models, Role Based Access Control (RBAC) has become the norm in many of today's organizations for enforcing security. For every model, it is necessary to analyze and prove that the corresponding system is secure. Such analysis helps understand the implications of security policies and helps organizations gain confidence on the control they have on resources while providing access, and devise and maintain policies.In this paper, we consider security analysis for the Temporal RBAC (TRBAC), one of the extensions of RBAC. The TRBAC considered in this paper allows temporal restrictions on roles themselves, user-permission assignments (UA), permission-role assignments (PA), as well as role hierarchies (RH). Towards this end, we first propose a suitable administrative model that governs changes to temporal policies. Then we propose our security analysis strategy, that essentially decomposes the temporal security analysis problem into smaller and more manageable RBAC security analysis sub-problems for which the existing RBAC security analysis tools can be employed. We then evaluate them from a practical perspective by evaluating their performance using simulated data sets.
Year
DOI
Venue
2014
10.3233/JCS-140510
Journal of Computer Security
Keywords
Field
DocType
access control,safety analysis,temporal rbac,temporal role hierarchy
Computer science,Computer security,Role-based access control,Norm (social),Software,Security analysis,Access control,Security policy,Hierarchy,Computer security model
Journal
Volume
Issue
ISSN
22
6
0926-227X
Citations 
PageRank 
References 
0
0.34
30
Authors
7
Name
Order
Citations
PageRank
Emre Uzun1343.74
Vijayalakshmi Atluri23256424.98
Jaideep Vaidya32778171.18
Shamik Sural4100896.36
Anna Lisa Ferrara538119.17
Gennaro Parlato649827.20
P. Madhusudan74498188.75