Abstract
The role-based access control (RBAC) has significantly simplified the management of users and permissions in computing systems. In dynamic environments, systems are usually undergoing changes, whereas the associated user-role, role-role and role-permission relations need to be updated accordingly in order to reflect the systems' evolutions. However, such updating process is generally complicated as the resulting system state is expected to meet necessary constraints. This paper presents an approach for assisting administrators with the update task: using this approach, it is possible to check, in an automatic way, whether a required update is achievable or not, and if so, a reference model will be produced. In light of this model, administrators could fulfill the changes to RBAC systems. We propose a formalization of the update approach, investigate its properties, and develop an updating algorithm based on model checking techniques. Our experimental results demonstrate the effectiveness of our approach.
| Original language | English |
|---|---|
| Title of host publication | SACMAT'10: Proceedings of the 15th Symposium on Access Control Models and Technologies, June 9-11, 2010, Pittsburgh, Pennsylvania, USA |
| Publisher | Association for Computing Machinery |
| Pages | 89-98 |
| Number of pages | 10 |
| ISBN (Print) | 9781450300490 |
| DOIs | |
| Publication status | Published - 2010 |
| Event | ACM Symposium on Access Control Models and Technologies - Duration: 9 Jun 2010 → … |
Conference
| Conference | ACM Symposium on Access Control Models and Technologies |
|---|---|
| Period | 9/06/10 → … |