Representation and reasoning on RBAC: a description logic approach

Authors:
Chen Zhao;Nuermaimaiti Heilili;Shengping Liu;Zuoquan Lin
Affiliations:
LMAM, Department of Informatics, School of Math., Peking University, Beijing, China;LMAM, Department of Informatics, School of Math., Peking University, Beijing, China;LMAM, Department of Informatics, School of Math., Peking University, Beijing, China;LMAM, Department of Informatics, School of Math., Peking University, Beijing, China
Venue:
ICTAC'05 Proceedings of the Second international conference on Theoretical Aspects of Computing
Year:
2005

Citing 16
Cited 14

Attributive concept descriptions with complements

Artificial Intelligence
A calculus for access control in distributed systems

ACM Transactions on Programming Languages and Systems (TOPLAS)
Role-Based Access Control Models

Computer
Proof-carrying authentication

CCS '99 Proceedings of the 6th ACM conference on Computer and communications security
Role-based authorization constraints specification

ACM Transactions on Information and System Security (TISSEC)
Flexible support for multiple access control policies

ACM Transactions on Database Systems (TODS)
Proposed NIST standard for role-based access control

ACM Transactions on Information and System Security (TISSEC)
A graph-based formalism for RBAC

ACM Transactions on Information and System Security (TISSEC)
A model of OASIS role-based access control and its support for active security

ACM Transactions on Information and System Security (TISSEC)
A logical framework for reasoning about access control models

ACM Transactions on Information and System Security (TISSEC)
Reasoning About Security: A Logic and a Decision Method for Role-Based Access Control

ECSQARU/FAPR '97 Proceedings of the First International Joint Conference on Qualitative and Quantitative Practical Reasoning
A Formal Model for Role-Based Access Control Using Graph Transformation

ESORICS '00 Proceedings of the 6th European Symposium on Research in Computer Security
RACER System Description

IJCAR '01 Proceedings of the First International Joint Conference on Automated Reasoning
The description logic handbook: theory, implementation, and applications

The description logic handbook: theory, implementation, and applications
A uniform framework for concept definitions in description logics

Journal of Artificial Intelligence Research
A logic based approach for dynamic access control

AI'04 Proceedings of the 17th Australian joint conference on Advances in Artificial Intelligence

Analyzing web access control policies

Proceedings of the 16th international conference on World Wide Web
Consistency checking of role assignments in inter-organizational collaboration

SPRINGL '08 Proceedings of the SIGSPATIAL ACM GIS 2008 International Workshop on Security and Privacy in GIS and LBS
Security Analysis of Role Based Access Control Models Using Colored Petri Nets and CPNtools

Transactions on Computational Science IV
Formalization of RBAC policy with object class hierarchy

ISPEC'07 Proceedings of the 3rd international conference on Information security practice and experience
Modeling of the role-based access control policy with constraints using description logic

ICCSA'07 Proceedings of the 2007 international conference on Computational science and its applications - Volume Part I
Access control: what is required in business collaboration?

ADC '09 Proceedings of the Twentieth Australasian Conference on Australasian Database - Volume 92
Scalable and efficient reasoning for enforcing role-based access control

DBSec'10 Proceedings of the 24th annual IFIP WG 11.3 working conference on Data and applications security and privacy
Supporting role based provisioning with rules using OWL and F-logic

OTM'10 Proceedings of the 2010 international conference on On the move to meaningful internet systems - Volume Part I
An access control language based on term rewriting and description logic

WFLP'10 Proceedings of the 19th international conference on Functional and constraint logic programming
Automatic error finding in access-control policies

Proceedings of the 18th ACM conference on Computer and communications security
A verifiable formal specification for RBAC model with constraints of separation of duty

Inscrypt'06 Proceedings of the Second SKLOIS conference on Information Security and Cryptology
An OWL-Based approach for RBAC with negative authorization

KSEM'06 Proceedings of the First international conference on Knowledge Science, Engineering and Management
Mohawk: Abstraction-Refinement and Bound-Estimation for Verifying Access Control Policies

ACM Transactions on Information and System Security (TISSEC)
CA-ABAC: Class Algebra Attribute-Based Access Control

WI-IAT '12 Proceedings of the The 2012 IEEE/WIC/ACM International Joint Conferences on Web Intelligence and Intelligent Agent Technology - Volume 03

Quantified Score

Hi-index	0.00

Visualization

Abstract

Role-based access control (RBAC) is recognized as an excellent model for access control in large-scale networked applications. Formalization of RBAC in a logical approach makes it feasible to reason about a specified policy and verify its correctness. We propose a formalization of RBAC by the description logic language $\mathcal{ALCQ}$. We also show that the RBAC constraints can be captured by $\mathcal{ALCQ}$. Furthermore, we demonstrate how to make access control decision, perform the RBAC functions as well as check the consistency of RBAC via the description logic reasoner RACER.