CLC number: TP309.2
On-line Access:
Received: 2001-06-08
Revision Accepted: 2001-09-20
Crosschecked: 0000-00-00
Cited: 0
Clicked: 5122
HAN Wei-li, CHEN Gang, YIN Jian-wei, DONG Jin-xiang. Consistency maintenance for constraint in role-based access control model[J]. Journal of Zhejiang University Science A, 2002, 3(3): 292-297.
@article{title="Consistency maintenance for constraint in role-based access control model",
author="HAN Wei-li, CHEN Gang, YIN Jian-wei, DONG Jin-xiang",
journal="Journal of Zhejiang University Science A",
volume="3",
number="3",
pages="292-297",
year="2002",
publisher="Zhejiang University Press & Springer",
doi="10.1631/jzus.2002.0292"
}
%0 Journal Article
%T Consistency maintenance for constraint in role-based access control model
%A HAN Wei-li
%A CHEN Gang
%A YIN Jian-wei
%A DONG Jin-xiang
%J Journal of Zhejiang University SCIENCE A
%V 3
%N 3
%P 292-297
%@ 1869-1951
%D 2002
%I Zhejiang University Press & Springer
%DOI 10.1631/jzus.2002.0292
TY - JOUR
T1 - Consistency maintenance for constraint in role-based access control model
A1 - HAN Wei-li
A1 - CHEN Gang
A1 - YIN Jian-wei
A1 - DONG Jin-xiang
J0 - Journal of Zhejiang University Science A
VL - 3
IS - 3
SP - 292
EP - 297
%@ 1869-1951
Y1 - 2002
PB - Zhejiang University Press & Springer
ER -
DOI - 10.1631/jzus.2002.0292
Abstract: constraint is an important aspect of role-based access control and is sometimes argued to be the principal motivation for role-based access control (RBAC). But so far few authors have discussed consistency maintenance for constraint in RBAC model. Based on researches of constraints among roles and types of inconsistency among constraints, this paper introduces corresponding formal rules, rule-based reasoning and corresponding methods to detect, avoid and resolve these inconsistencies. Finally, the paper introduces briefly the application of consistency maintenance in ZD-PDM, an enterprise-oriented product data management (PDM) system.
[1] Chen Fang, Sandhu, R. S., 1995. Constraints for Role-Based Access Control. In: 1st ACM Workshop on Role-Based Access Control. ACM, p.39-46.
[2] Laurence Cholvy, Frederic Cuppens, 1997. Analyzing Consistency of Security Policies. In: Proceedings of the 1997 IEEE Symposium on Security and Privacy. IEEE Press, Oakland, CA, USA. p.103-112
[3] Lupu, E., Sloman, M., 1997. Conflict Analysis for Management Policies. IFIP/IEEE International Symposium on Integrated Network Management (IM formerly known as ISINM 97), Chapman & Hall, San Diego.
[4] Lupu, E., Sloman, M., 1997a. A Policy Based Role Object Model. Proceedings of the 1st IEEE Enterprise Distributed Object Computing Workshop (EDOC'97), Gold Coast, Australia, p. 36-47.
[5] Lupu, E., Sloman, M., Yialelis, 1997b. Policy Based Roles for Distributed Systems Security. HP-Openview University Associated (HP-OVUA) Plenary Workshop, Madrid.
[6] Ribeiro, C., Zuete, A., Ferreira, P. et al, 2000. Security Policy Consistency. First Workshop on Rule-based Constraint Reasoning and Programming (CL2000), Imperial College, London, UK.
[7] Sandhu, R. S., Coyne, E. J., Feinstein, H. L., 1996. Role-Based Access Control Models. IEEE Computer, 29(2): 38-47.
[8] Sandhu, R. S., 1998. Role-Based Access Control. In: Advances in Computers, volume 46. Academic Press.
[9] Schaad, A., Moffett, J., Jacob, J., 2001. The Role-Based Access Control Sytem of a European Bank: A Case Study and Discussion. Sixth ACM Symposium on Access control models and technologies. Chantilly, VA USA, p.3-9.
[10] Shen Honghai, Prasun Dewan, 1994. Access Control for Collaborative Environments. In: Turner J. Kraut R eds. Proceedings of the ACM CSCW'92 Conference on Computer Supported Cooperative Work. New York: ACM Press, p.51-58.
[11] Zhang Dianlong, Lukhaub, H., Zorn, W., 2001. A Role-Based Access Control Model and Implementation for Data-Centric Enterprise Application. Proceedings of Third International Conferences, ICISC 2001. Xi'an, China, p.316-327.
Open peer comments: Debate/Discuss/Question/Opinion
<1>