Theoretical Computer Science
Role-Based Access Control Models
Computer
TRBAC: A temporal role-based access control model
ACM Transactions on Information and System Security (TISSEC)
Hybrid Role Hierarchy for Generalized Temporal Role Based Access Control Model
COMPSAC '02 Proceedings of the 26th International Computer Software and Applications Conference on Prolonging Software Life: Development and Redevelopment
Static verification of security requirements in role based CSCW systems
Proceedings of the eighth ACM symposium on Access control models and technologies
A Generalized Temporal Role-Based Access Control Model
IEEE Transactions on Knowledge and Data Engineering
A Role-Based Access Control Policy Verification Framework for Real-Time Systems
WORDS '05 Proceedings of the 10th IEEE International Workshop on Object-Oriented Real-Time Dependable Systems
Security analysis in role-based access control
ACM Transactions on Information and System Security (TISSEC)
Security Analysis of Temporal-RBAC Using Timed Automata
IAS '08 Proceedings of the 2008 The Fourth International Conference on Information Assurance and Security
Towards Formal Verification of Role-Based Access Control Policies
IEEE Transactions on Dependable and Secure Computing
Specification and analysis of access control policies for mobile applications
Proceedings of the 18th ACM symposium on Access control models and technologies
Hi-index | 0.00 |
In this paper a Timed Automata (TA) based verification framework is proposed for Temporal RBAC. Roles, users, permissions - three basic components of RBAC are modeled using TA. These components interact with each other through channel synchronization. A parallel composition of TA is used to construct the complete system. Temporal constraints on roles, user-role assignments and role-permission assignments are conveniently expressed in this representation. Furthermore, both role hierarchy and separation of duty (SoD) have been incorporated in the proposed framework. Security properties are specified using Computation Tree Logic (CTL) and verified by model checking.