Journal of Logic Programming
Logical foundations of object-oriented and frame-based languages
Journal of the ACM (JACM)
A logical framework for reasoning about access control models
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
TRIPLE - A Query, Inference, and Transformation Language for the Semantic Web
ISWC '02 Proceedings of the First International Semantic Web Conference on The Semantic Web
Description logic programs: combining logic programs with description logic
WWW '03 Proceedings of the 12th international conference on World Wide Web
Induced role hierarchies with attribute-based RBAC
Proceedings of the eighth ACM symposium on Access control models and technologies
A Model for Attribute-Based User-Role Assignment
ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
A proposal for an owl rules language
Proceedings of the 13th international conference on World Wide Web
Rule-Based RBAC with Negative Authorization
ACSAC '04 Proceedings of the 20th Annual Computer Security Applications Conference
Rule support for role-based access control
Proceedings of the tenth ACM symposium on Access control models and technologies
Digital Identity
On the Relationship between Description Logic-based and F-Logic-based Ontologies
Fundamenta Informaticae
ROWLBAC: representing role based access control in OWL
Proceedings of the 13th ACM symposium on Access control models and technologies
N3logic: A logical framework for the world wide web
Theory and Practice of Logic Programming
RelBAC: Relation Based Access Control
SKG '08 Proceedings of the 2008 Fourth International Conference on Semantics, Knowledge and Grid
Automating role-based provisioning by learning from examples
Proceedings of the 14th ACM symposium on Access control models and technologies
Ontology-Based policy specification and management
ESWC'05 Proceedings of the Second European conference on The Semantic Web: research and Applications
F-OWL: an inference engine for semantic web
FAABS'04 Proceedings of the Third international conference on Formal Approaches to Agent-Based Systems
Representation and reasoning on RBAC: a description logic approach
ICTAC'05 Proceedings of the Second international conference on Theoretical Aspects of Computing
| Hi-index | 0.00 |
The rule-based RBAC (RB-RBAC) model has been proposed to dynamically assign users to roles based on a set of rules. We identify two problems of this model: simplified rule language with limited expressiveness and the lack of rule reasoning capabilities. In this paper we propose an expressive and extensible provisioning framework that overcomes these drawbacks. Our framework supports complex user-role assignment rules and provides rule reasoning capabilities using OWL DL and F-Logic. Furthermore, we show how our approach supports (i) weak and strong negation to enhance expressiveness and strictness, (ii) defining static SoD constraints, and (iii) detecting conflicts. Finally, the paper describes a mechanism to deduce well-formed SPML requests from rules to provision policy systems with entitlements.