Specification and classification of role-based authorization policies

G. J. Ahn

doi:10.1109/ENABL.2003.1231408

Specification and classification of role-based authorization policies

G. J. Ahn

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

17 Scopus citations

Abstract

Constraints are an important aspect of role-based access control (RBAC). Although the importance of constraints in RBAC has been recognized for a long time, they have not received much attention. In this paper we classify RBAC constraints into two major classes called prohibition constraints and obligation constraints. To specify these constraints, we utilize a formal language, named RCL2000. In this paper we show that prohibition, cardinality, and obligation constraints can be also represented in RCL2000.

Original language	English (US)
Title of host publication	Proceedings - 12th IEEE International Workshops on Enabling Technologies
Subtitle of host publication	Infrastructure for Collaborative Enterprises, WETICE 2003
Publisher	IEEE Computer Society
Pages	202-207
Number of pages	6
ISBN (Electronic)	0769519636
DOIs	https://doi.org/10.1109/ENABL.2003.1231408
State	Published - 2003
Externally published	Yes
Event	12th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, WETICE 2003 - Linz, Austria Duration: Jun 9 2003 → Jun 11 2003

Publication series

Name	Proceedings of the Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises, WETICE
Volume	2003-January
ISSN (Print)	1524-4547

Other

Other	12th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, WETICE 2003
Country/Territory	Austria
City	Linz
Period	6/9/03 → 6/11/03

Keywords

Access control
Authorization
Collaborative work
Computer crime
Computer errors
Conferences
Costs
Formal languages
Permission
Specification languages

ASJC Scopus subject areas

Software
Hardware and Architecture

Access to Document

10.1109/ENABL.2003.1231408

Cite this

Ahn, G. J. (2003). Specification and classification of role-based authorization policies. In Proceedings - 12th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, WETICE 2003 (pp. 202-207). Article 1231408 (Proceedings of the Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises, WETICE; Vol. 2003-January). IEEE Computer Society. https://doi.org/10.1109/ENABL.2003.1231408

Specification and classification of role-based authorization policies. / Ahn, G. J.
Proceedings - 12th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, WETICE 2003. IEEE Computer Society, 2003. p. 202-207 1231408 (Proceedings of the Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises, WETICE; Vol. 2003-January).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Ahn, GJ 2003, Specification and classification of role-based authorization policies. in Proceedings - 12th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, WETICE 2003., 1231408, Proceedings of the Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises, WETICE, vol. 2003-January, IEEE Computer Society, pp. 202-207, 12th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, WETICE 2003, Linz, Austria, 6/9/03. https://doi.org/10.1109/ENABL.2003.1231408

Ahn GJ. Specification and classification of role-based authorization policies. In Proceedings - 12th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, WETICE 2003. IEEE Computer Society. 2003. p. 202-207. 1231408. (Proceedings of the Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises, WETICE). doi: 10.1109/ENABL.2003.1231408

@inproceedings{6626c2fc4c21421ca3ea62ed318b4baa,

title = "Specification and classification of role-based authorization policies",

abstract = "Constraints are an important aspect of role-based access control (RBAC). Although the importance of constraints in RBAC has been recognized for a long time, they have not received much attention. In this paper we classify RBAC constraints into two major classes called prohibition constraints and obligation constraints. To specify these constraints, we utilize a formal language, named RCL2000. In this paper we show that prohibition, cardinality, and obligation constraints can be also represented in RCL2000.",

keywords = "Access control, Authorization, Collaborative work, Computer crime, Computer errors, Conferences, Costs, Formal languages, Permission, Specification languages",

author = "Ahn, {G. J.}",

note = "Publisher Copyright: {\textcopyright} 2003 IEEE.; 12th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, WETICE 2003 ; Conference date: 09-06-2003 Through 11-06-2003",

year = "2003",

doi = "10.1109/ENABL.2003.1231408",

language = "English (US)",

series = "Proceedings of the Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises, WETICE",

publisher = "IEEE Computer Society",

pages = "202--207",

booktitle = "Proceedings - 12th IEEE International Workshops on Enabling Technologies",

}

TY - GEN

T1 - Specification and classification of role-based authorization policies

AU - Ahn, G. J.

PY - 2003

Y1 - 2003

N2 - Constraints are an important aspect of role-based access control (RBAC). Although the importance of constraints in RBAC has been recognized for a long time, they have not received much attention. In this paper we classify RBAC constraints into two major classes called prohibition constraints and obligation constraints. To specify these constraints, we utilize a formal language, named RCL2000. In this paper we show that prohibition, cardinality, and obligation constraints can be also represented in RCL2000.

AB - Constraints are an important aspect of role-based access control (RBAC). Although the importance of constraints in RBAC has been recognized for a long time, they have not received much attention. In this paper we classify RBAC constraints into two major classes called prohibition constraints and obligation constraints. To specify these constraints, we utilize a formal language, named RCL2000. In this paper we show that prohibition, cardinality, and obligation constraints can be also represented in RCL2000.

KW - Access control

KW - Authorization

KW - Collaborative work

KW - Computer crime

KW - Computer errors

KW - Conferences

KW - Costs

KW - Formal languages

KW - Permission

KW - Specification languages

UR - http://www.scopus.com/inward/record.url?scp=84944399014&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84944399014&partnerID=8YFLogxK

U2 - 10.1109/ENABL.2003.1231408

DO - 10.1109/ENABL.2003.1231408

M3 - Conference contribution

AN - SCOPUS:84944399014

T3 - Proceedings of the Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises, WETICE

SP - 202

EP - 207

BT - Proceedings - 12th IEEE International Workshops on Enabling Technologies

PB - IEEE Computer Society

T2 - 12th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, WETICE 2003

Y2 - 9 June 2003 through 11 June 2003

ER -

Specification and classification of role-based authorization policies

Abstract

Publication series

Other

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this