Sciweavers

SACMAT
2003
ACM

An approach to engineer and enforce context constraints in an RBAC environment

14 years 5 months ago
An approach to engineer and enforce context constraints in an RBAC environment
This paper presents an approach that uses special purpose RBAC constraints to base certain access control decisions on context information. In our approach a context constraint is defined as a dynamic RBAC constraint that checks the actual values of one or more contextual attributes for predefined conditions. If these conditions are satisfied, the corresponding access request can be permitted. Accordingly, a conditional permission is an RBAC permission which is constrained by one or more context constraints. We present an engineering process for context constraints, that is based on goal-oriented requirements engineering techniques, and describe how we extended the design and implementation of an existing RBAC service to enable the enforcement of context constraints. With our approach we aim to preserve the advantages of RBAC, and offer an additional means for the definition and enforcement of fine-grained context-dependent access control policies. Categories and Subject Descript...
Gustaf Neumann, Mark Strembeck
Added 05 Jul 2010
Updated 05 Jul 2010
Type Conference
Year 2003
Where SACMAT
Authors Gustaf Neumann, Mark Strembeck
Comments (0)