Specification and classification of role-based authorization policies

Research output: Chapter in Book/Report/Conference proceedingConference contribution

15 Scopus citations

Abstract

Constraints are an important aspect of role-based access control (RBAC). Although the importance of constraints in RBAC has been recognized for a long time, they have not received much attention. In this paper we classify RBAC constraints into two major classes called prohibition constraints and obligation constraints. To specify these constraints, we utilize a formal language, named RCL2000. In this paper we show that prohibition, cardinality, and obligation constraints can be also represented in RCL2000.

Original languageEnglish (US)
Title of host publicationProceedings of the Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises, WETICE
PublisherIEEE Computer Society
Pages202-207
Number of pages6
Volume2003-January
ISBN (Print)0769519636
DOIs
Publication statusPublished - 2003
Externally publishedYes
Event12th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, WETICE 2003 - Linz, Austria
Duration: Jun 9 2003Jun 11 2003

Other

Other12th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, WETICE 2003
CountryAustria
CityLinz
Period6/9/036/11/03

    Fingerprint

Keywords

  • Access control
  • Authorization
  • Collaborative work
  • Computer crime
  • Computer errors
  • Conferences
  • Costs
  • Formal languages
  • Permission
  • Specification languages

ASJC Scopus subject areas

  • Hardware and Architecture
  • Software

Cite this

Ahn, G-J. (2003). Specification and classification of role-based authorization policies. In Proceedings of the Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises, WETICE (Vol. 2003-January, pp. 202-207). [1231408] IEEE Computer Society. https://doi.org/10.1109/ENABL.2003.1231408