The NIST model for role-based access control: towards a unified standard
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Role-based access control and the access control matrix
ACM SIGOPS Operating Systems Review
The Description Logic Handbook
The Description Logic Handbook
Completing description logic knowledge bases using formal concept analysis
IJCAI'07 Proceedings of the 20th international joint conference on Artifical intelligence
ISWC '09 Proceedings of the 8th International Semantic Web Conference
Formal concept analysis in knowledge discovery: a survey
ICCS'10 Proceedings of the 18th international conference on Conceptual structures: from information to intelligence
Context-dependent views to axioms and consequences of Semantic Web ontologies
Web Semantics: Science, Services and Agents on the World Wide Web
Review: Formal concept analysis in knowledge processing: A survey on applications
Expert Systems with Applications: An International Journal
| Hi-index | 0.00 |
Role Based Access Control (RBAC) is a methodology for providing users in an IT system specific permissions like write or read to users. It abstracts from specific users and binds permissions to user roles. Similarly, one can abstract from specific documents and bind permission to document types. In this paper, we apply Description Logics (DLs) to formalize RBAC. We provide a thorough discussion on different possible interpretations of RBAC matrices and how DLs can be used to capture the RBAC constraints. We show moreover that with DLs, we can express more intended constraints than it can be done in the common RBAC approach, thus proving the benefit of using DLs in the RBAC setting. For deriving additional constraints, we introduce a strict methodology, based on attribute exploration method known from Formal Concept Analysis. The attribute exploration allows to systematically finding unintended implications and to deriving constraints and making them explicit. Finally, we apply our approach to a real-life example.