TY - GEN
T1 - Analyzing temporal role based access control models
AU - Uzun, Emre
AU - Atluri, Vijayalakshmi
AU - Sural, Shamik
AU - Vaidya, Jaideep
AU - Parlato, Gennaro
AU - Ferrara, Anna Lisa
AU - Madhusudan, P.
PY - 2012
Y1 - 2012
N2 - Today, Role Based Access Control (RBAC) is the de facto model used for advanced access control, and is widely deployed in diverse enterprises of all sizes. Several extensions to the authorization as well as the administrative models for RBAC have been adopted in recent years. In this paper, we consider the temporal extension of RBAC (TRBAC), and develop safety analysis techniques for it. Safety analysis is essential for understanding the implications of security policies both at the stage of specification and modification. Towards this end, in this paper, we first define an administrative model for TRBAC. Our strategy for performing safety analysis is to appropriately decompose the TRBAC analysis problem into multiple subproblems similar to RBAC. Along with making the analysis simpler, this enables us to leverage and adapt existing analysis techniques developed for traditional RBAC. We have adapted and experimented with employing two state of the art analysis approaches developed for RBAC as well as tools developed for software testing. Our results show that our approach is both feasible and flexible.
AB - Today, Role Based Access Control (RBAC) is the de facto model used for advanced access control, and is widely deployed in diverse enterprises of all sizes. Several extensions to the authorization as well as the administrative models for RBAC have been adopted in recent years. In this paper, we consider the temporal extension of RBAC (TRBAC), and develop safety analysis techniques for it. Safety analysis is essential for understanding the implications of security policies both at the stage of specification and modification. Towards this end, in this paper, we first define an administrative model for TRBAC. Our strategy for performing safety analysis is to appropriately decompose the TRBAC analysis problem into multiple subproblems similar to RBAC. Along with making the analysis simpler, this enables us to leverage and adapt existing analysis techniques developed for traditional RBAC. We have adapted and experimented with employing two state of the art analysis approaches developed for RBAC as well as tools developed for software testing. Our results show that our approach is both feasible and flexible.
KW - Access control
KW - Safety analysis
KW - Temporal RBAC
UR - http://www.scopus.com/inward/record.url?scp=84864067251&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84864067251&partnerID=8YFLogxK
U2 - 10.1145/2295136.2295169
DO - 10.1145/2295136.2295169
M3 - Conference contribution
AN - SCOPUS:84864067251
SN - 9781450312950
T3 - Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT
SP - 177
EP - 186
BT - SACMAT'12 - Proceedings of the 17th ACM Symposium on Access Control Models and Technologies
T2 - 17th ACM Symposium on Access Control Models and Technologies, SACMAT'12
Y2 - 20 June 2012 through 22 June 2012
ER -