Sciweavers

CSE
2009
IEEE

A Framework for Enforcing Constrained RBAC Policies

14 years 7 months ago
A Framework for Enforcing Constrained RBAC Policies
—Constraints are an important part of role-based access control policies. The safety or security of a system is maintained by enforcing constraints that are specified in the policy. In order to decide whether an access request is authorized, existing constraint enforcement mechanisms perform both authorization checking, which verifies that the requested operation is sufficiently authorized, and constraint checking, which checks whether permitting the operation would violate any constraint. The decision functions of large-scale systems, where hundreds of requests arise concurrently, require relatively simple decisionmaking algorithms. Performing constraint checking when deciding whether an access request is authorized introduces an additional overhead. In this paper, we describe a new framework for enforcing constraints that only requires us to perform authorization checking when deciding an access request. Essentially, we transform the constraint checking problem into an authoriza...
Jason Crampton, Hemanth Khambhammettu
Added 20 May 2010
Updated 20 May 2010
Type Conference
Year 2009
Where CSE
Authors Jason Crampton, Hemanth Khambhammettu
Comments (0)