Sciweavers

SACMAT
2003
ACM

Dependencies and separation of duty constraints in GTRBAC

14 years 4 months ago
Dependencies and separation of duty constraints in GTRBAC
A Generalized Temporal Role Based Access Control (GTRBAC) model that captures an exhaustive set of temporal constraint needs for access control has recently been proposed. GTRBAC’s language constructs allow one to specify various temporal constraints on role, user-role assignments and role-permission assignments. In this paper, we identify various time-constrained cardinality, control flow dependency and separation of duty constraints (SoDs). Such constraints allow specification of dynamically changing access control requirements that are typical in today’s large systems. In addition to allowing specification of time, the constraints introduced here also allow expressing access control policies at a finer granularity. The inclusion of control flow dependency constraints allows defining much stricter dependency requirements that are typical in workflow types of applications. Categories and Subject Descriptors D.4.6 [Security and Protection]: Access control; H.2.7 [Database Administ...
James Joshi, Basit Shafiq, Arif Ghafoor, Elisa Ber
Added 05 Jul 2010
Updated 05 Jul 2010
Type Conference
Year 2003
Where SACMAT
Authors James Joshi, Basit Shafiq, Arif Ghafoor, Elisa Bertino
Comments (0)