Role-based access control for a distributed calculus
Journal of Computer Security - Special issue on CSFW17
A type discipline for authorization policies
ACM Transactions on Programming Languages and Systems (TOPLAS) - Special Issue ESOP'05
Types for security in a mobile world
TGC'05 Proceedings of the 1st international conference on Trustworthy global computing
λ-RBAC: programming with role-based access control
ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II
A type discipline for authorization policies
ESOP'05 Proceedings of the 14th European conference on Programming Languages and Systems
Dynamic access control in a concurrent object calculus
CONCUR'06 Proceedings of the 17th international conference on Concurrency Theory
Towards a formal analysis of dynamic reconfiguration in WS-BPEL
Intelligent Decision Technologies
Hi-index | 0.01 |
Rôle-based access control (RBAC) is increasingly attractingattention because it reduces the complexity andcost of security administration by interposing the notion ofrôle in the assignment of permissions to users. In this paper,we present a formal framework relying on an extension ofthe 驴 calculus to study the behavior of concurrent systemsin a RBAC scenario. We define a type system ensuring thatthe specified policy is respected during computations, and abisimulation to equate systems. The theory is then appliedto three meaningful examples, namely finding the 'minimal'policy to run a given system, refining a system to be rununder a given policy (whenever possible), and minimizingthe number of users in a given system without changing theoverall behavior.