ACM Transactions on Programming Languages and Systems (TOPLAS)
On reduction-based process semantics
Selected papers of the thirteenth conference on Foundations of software technology and theoretical computer science
Role-Based Access Control Models
Computer
KLAIM: A Kernel Language for Agents Interaction and Mobility
IEEE Transactions on Software Engineering
Theoretical Computer Science
A logical framework for reasoning about access control models
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Role-based authorization constraints specification
ACM Transactions on Information and System Security (TISSEC)
Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
Bisimulations in the join-calculus
Theoretical Computer Science
A lightweight approach to specification and analysis of role-based access control extensions
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Types and programming languages
Types and programming languages
Resource access control in systems of mobile agents
Information and Computation
PI-Calculus: A Theory of Mobile Processes
PI-Calculus: A Theory of Mobile Processes
A Formal Model for Role-Based Access Control Using Graph Transformation
ESORICS '00 Proceedings of the 6th European Symposium on Research in Computer Security
Decidability of Safety in Graph-Based Models for Access Control
ESORICS '02 Proceedings of the 7th European Symposium on Research in Computer Security
A Distributed Calculus for Rôle-Based Access Control
CSFW '04 Proceedings of the 17th IEEE workshop on Computer Security Foundations
Typed behavioural equivalences for processes in the presence of subtyping
Mathematical Structures in Computer Science
On asynchrony in name-passing calculi
Mathematical Structures in Computer Science
Information and Computation
IEEE Security and Privacy
Role-based access control for boxed ambients
Theoretical Computer Science
Types for role-based access control of dynamic web data
WFLP'10 Proceedings of the 19th international conference on Functional and constraint logic programming
Hi-index | 0.00 |
Rôle-based access control (RBAC) is increasingly attracting attention because it reduces the complexity and cost of security administration by interposing the notion of rôle in the assignment of permissions to users. In this paper, we present a formal framework relying on an extension of the π-calculus to study the behaviour of concurrent systems in a RBAC scenario. We define a type system ensuring that the specified policy is respected during computations, and a behavioural equivalence to equate systems. We then consider a more sophisticated feature that can be easily integrated in our framework, i.e., the possibility of automatically adding rôle activations and deactivations to processes to be run under a given policy (whenever possible). Finally, we show how the framework can be easily extended to express significant extensions of the core RBAC model, such as rôles hierarchies or constraints determining the acceptability of the system components.