Role-Based Access Control Models
Computer
Induced role hierarchies with attribute-based RBAC
Proceedings of the eighth ACM symposium on Access control models and technologies
A Model for Attribute-Based User-Role Assignment
ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
A Policy Language for a Pervasive Computing Environment
POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
The description logic handbook: theory, implementation, and applications
The description logic handbook: theory, implementation, and applications
Rule-Based RBAC with Negative Authorization
ACSAC '04 Proceedings of the 20th Annual Computer Security Applications Conference
Automated and efficient analysis of role-based access control with attributes
DBSec'12 Proceedings of the 26th Annual IFIP WG 11.3 conference on Data and Applications Security and Privacy
Hi-index | 0.00 |
The RB-RBAC family introduces negative authorization, represented by negative roles, which may bring conflict, and conflict detection and resolution become an import work in RB-RBAC policy management. We proposed a formalization of RB-RBAC model by description logic and developed conflict detection methods based on description logic reasoning service. Conflicts can be detected when all authorization rules have been defined, and a revised detection method is also given to improve the system efficiency when dynamically adding new authorization rule to system. Conflicts among related rules and among unrelated rules can be distinguished by these methods. We also demonstrate a simple method to resolve conflict.