Analyzing temporal role based access control models

Emre Uzun, Vijayalakshmi Atluri, Shamik Sural, Jaideep Vaidya, Gennaro Parlato, Anna Lisa Ferrara, P. Madhusudan

Research output: Chapter in Book/Report/Conference proceedingConference contribution


Today, Role Based Access Control (RBAC) is the de facto model used for advanced access control, and is widely deployed in diverse enterprises of all sizes. Several extensions to the authorization as well as the administrative models for RBAC have been adopted in recent years. In this paper, we consider the temporal extension of RBAC (TRBAC), and develop safety analysis techniques for it. Safety analysis is essential for understanding the implications of security policies both at the stage of specification and modification. Towards this end, in this paper, we first define an administrative model for TRBAC. Our strategy for performing safety analysis is to appropriately decompose the TRBAC analysis problem into multiple subproblems similar to RBAC. Along with making the analysis simpler, this enables us to leverage and adapt existing analysis techniques developed for traditional RBAC. We have adapted and experimented with employing two state of the art analysis approaches developed for RBAC as well as tools developed for software testing. Our results show that our approach is both feasible and flexible.

Original languageEnglish (US)
Title of host publicationSACMAT'12 - Proceedings of the 17th ACM Symposium on Access Control Models and Technologies
Number of pages10
StatePublished - 2012
Event17th ACM Symposium on Access Control Models and Technologies, SACMAT'12 - Newark, NJ, United States
Duration: Jun 20 2012Jun 22 2012

Publication series

NameProceedings of ACM Symposium on Access Control Models and Technologies, SACMAT


Other17th ACM Symposium on Access Control Models and Technologies, SACMAT'12
Country/TerritoryUnited States
CityNewark, NJ


  • Access control
  • Safety analysis
  • Temporal RBAC

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications
  • Safety, Risk, Reliability and Quality
  • Information Systems


Dive into the research topics of 'Analyzing temporal role based access control models'. Together they form a unique fingerprint.

Cite this