Visual modeling and formal specification of constraints of RBAC using semantic web technology

Authors:
JuHum Kwon;Chang-Joo Moon
Affiliations:
Korea Air Force Central Computer Center, 321-929 Bunam-ri, Namseon-myeon, Gyeryong-si, Chungcheongnam-do 501-329, Republic of Korea;Department of Aerospace Information System Engineering, Konkuk University, 1 Hwayang-dong, Gwangjin-Gu, Seoul 143-701, Republic of Korea
Venue:
Knowledge-Based Systems
Year:
2007

Citing 14
Cited 2

Role-Based Access Control Models

Computer
Mutual exclusion of roles as a means of implementing separation of duty in role-based access control systems

RBAC '97 Proceedings of the second ACM workshop on Role-based access control
The role graph model and conflict of interest

ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
The NIST model for role-based access control: towards a unified standard

RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Role-based authorization constraints specification

ACM Transactions on Information and System Security (TISSEC)
Proposed NIST standard for role-based access control

ACM Transactions on Information and System Security (TISSEC)
A graph-based formalism for RBAC

ACM Transactions on Information and System Security (TISSEC)
UML-Based Representation of Role-Based Access Control

WETICE '00 Proceedings of the 9th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises
A Policy Language for a Pervasive Computing Environment

POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
Representation and reasoning for DAML-based policy and domain services in KAoS and nomads

AAMAS '03 Proceedings of the second international joint conference on Autonomous agents and multiagent systems
Role-Based Access Control

Role-Based Access Control
On mutually-exclusive roles and separation of duty

Proceedings of the 11th ACM conference on Computer and communications security
Privacy and Access Control Issues in Financial Enterprise Content Management

HICSS '05 Proceedings of the Proceedings of the 38th Annual Hawaii International Conference on System Sciences (HICSS'05) - Track 4 - Volume 04
The Description Logic Handbook

The Description Logic Handbook

SecurOntology: A semantic web access control framework

Computer Standards & Interfaces
Basis for an integrated security ontology according to a systematic review of existing proposals

Computer Standards & Interfaces

Quantified Score

Hi-index	0.00

Visualization

Abstract

The role-based access control (RBAC) model has garnered great interest in the security community due to the flexible and secure nature of its applicability to the complex and sophisticated information system. One import aspect of RBAC is the enforcing of security policy, called constraint, which controls the behavior of components in RBAC. Much research has been conducted to specify constraints. However, more work is needed on the aspect of sharing information resources for providing better interoperability in the widely dispersed ubiquitous information system environment. This paper provides visual modeling of RBAC policy and specifies constraints of RBAC by employing a semantic web ontology language (OWL) to enhance understanding of constraints for machines and people in a ubiquitous computing environment. Using OWL, constraints were precisely formalized according to the constraint patterns and the effectiveness of OWL specification was demonstrated by showing the reasoning process.