Role-Based Access Control Models
Computer
Reconciling role based management and role based access control
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Role templates for content-based access control
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Requirements for access control: US Healthcare domain
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
ACM Transactions on Information and System Security (TISSEC)
Modal logic
Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
Delegation logic: A logic-based approach to distributed authorization
ACM Transactions on Information and System Security (TISSEC)
IJCAR '01 Proceedings of the First International Joint Conference on Automated Reasoning
Design of a Role-Based Trust-Management Framework
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Practical Domain and Type Enforcement for UNIX
SP '95 Proceedings of the 1995 IEEE Symposium on Security and Privacy
Understanding Trust Management Systems
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Cassandra: Flexible Trust Management, Applied to Electronic Health Records
CSFW '04 Proceedings of the 17th IEEE workshop on Computer Security Foundations
Computability classes for enforcement mechanisms
ACM Transactions on Programming Languages and Systems (TOPLAS)
Graph mining: Laws, generators, and algorithms
ACM Computing Surveys (CSUR)
A Study of Access Control Requirements for Healthcare Systems Based on Audit Trails from Access Logs
ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
The Description Logic Handbook
The Description Logic Handbook
Execution monitoring enforcement under memory-limitation constraints
Information and Computation
Run-Time Enforcement of Nonsafety Policies
ACM Transactions on Information and System Security (TISSEC)
RelBAC: Relation Based Access Control
SKG '08 Proceedings of the 2008 Fourth International Conference on Semantics, Knowledge and Grid
A semantic web based framework for social network access control
Proceedings of the 14th ACM symposium on Access control models and technologies
Enforcing access control in Web-based social networks
ACM Transactions on Information and System Security (TISSEC)
Introduction to Algorithms, Third Edition
Introduction to Algorithms, Third Edition
A correspondence theory for terminological logics: preliminary report
IJCAI'91 Proceedings of the 12th international joint conference on Artificial intelligence - Volume 1
PriMa: an effective privacy protection mechanism for social networks
ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
A privacy preservation model for facebook-style social network systems
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Relation-Based Access Control: An Access Control Model for Context-Aware Computing Environment
Wireless Personal Communications: An International Journal
A theory of runtime enforcement, with results
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Privacy policies for shared content in social network sites
The VLDB Journal — The International Journal on Very Large Data Bases
Relationship-based access control: protection model and policy language
Proceedings of the first ACM conference on Data and application security and privacy
Decentralized trust management
SP'96 Proceedings of the 1996 IEEE conference on Security and privacy
Preventing Sybil Attacks by Privilege Attenuation: A Design Principle for Social Network Systems
SP '11 Proceedings of the 2011 IEEE Symposium on Security and Privacy
D-FOAF: distributed identity management with access rights delegation
ASWC'06 Proceedings of the First Asian conference on The Semantic Web
Survey Paper: A survey on policy languages in network and security management
Computer Networks: The International Journal of Computer and Telecommunications Networking
Relationship-based access control: its expression and enforcement through hybrid logic
Proceedings of the second ACM conference on Data and Application Security and Privacy
A visualization tool for evaluating access control policies in facebook-style social network systems
Proceedings of the 27th Annual ACM Symposium on Applied Computing
A user-to-user relationship-based access control model for online social networks
DBSec'12 Proceedings of the 26th Annual IFIP WG 11.3 conference on Data and Applications Security and Privacy
SCIMS: a social context information management system for socially-aware applications
CAiSE'12 Proceedings of the 24th international conference on Advanced Information Systems Engineering
HealthSec'12 Proceedings of the 3rd USENIX conference on Health Security and Privacy
A white-box policy analysis and its efficient implementation
Proceedings of the 18th ACM symposium on Access control models and technologies
Relational abstraction in community-based secure collaboration
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Using community structure to control information sharing in online social networks
Computer Communications
| Hi-index | 0.00 |
The Relationship-Based Access Control (ReBAC) model was recently proposed as a general-purpose access control model. It supports the natural expression of parameterized roles, the composition of policies, and the delegation of trust. Fong proposed a policy language that is based on Modal Logic for expressing and composing ReBAC policies. A natural question is whether such a language is representationally complete, that is, whether the language is capable of expressing all ReBAC policies that one is interested in expressing. In this work, we argue that the extensive use of what we call Relational Policies is what distinguishes ReBAC from traditional access control models. We show that Fong's policy language is representationally incomplete in that certain previously studied Relational Policies are not expressible in the language. We introduce two extensions to the policy language of Fong, and prove that the extended policy language is representationally complete with respect to a well-defined subclass of Relational Policies.