Full Text:   <1346>

CLC number: TP309.2

On-line Access: 

Received: 2001-06-08

Revision Accepted: 2001-09-20

Crosschecked: 0000-00-00

Cited: 0

Clicked: 3055

Citations:  Bibtex RefMan EndNote GB/T7714

-   Go to

Article info.
1. Reference List
Open peer comments

Journal of Zhejiang University SCIENCE A 2002 Vol.3 No.3 P.292~297


Consistency maintenance for constraint in role-based access control model

Author(s):  HAN Wei-li, CHEN Gang, YIN Jian-wei, DONG Jin-xiang

Affiliation(s):  State Key Laboratory of Computer Aided Design and Computer Graphics, Zhejiang University, Hangzhou 310027, China

Corresponding email(s):   weili_han@cs.zju.edu.cn

Key Words:  Consistency maintenance, Role-based access control, Product data management, Constraint

Share this article to: More

HAN Wei-li, CHEN Gang, YIN Jian-wei, DONG Jin-xiang. Consistency maintenance for constraint in role-based access control model[J]. Journal of Zhejiang University Science A, 2002, 3(3): 292~297.

@article{title="Consistency maintenance for constraint in role-based access control model",
author="HAN Wei-li, CHEN Gang, YIN Jian-wei, DONG Jin-xiang",
journal="Journal of Zhejiang University Science A",
publisher="Zhejiang University Press & Springer",

%0 Journal Article
%T Consistency maintenance for constraint in role-based access control model
%A HAN Wei-li
%A CHEN Gang
%A YIN Jian-wei
%A DONG Jin-xiang
%J Journal of Zhejiang University SCIENCE A
%V 3
%N 3
%P 292~297
%@ 1869-1951
%D 2002
%I Zhejiang University Press & Springer
%DOI 10.1631/jzus.2002.0292

T1 - Consistency maintenance for constraint in role-based access control model
A1 - HAN Wei-li
A1 - CHEN Gang
A1 - YIN Jian-wei
A1 - DONG Jin-xiang
J0 - Journal of Zhejiang University Science A
VL - 3
IS - 3
SP - 292
EP - 297
%@ 1869-1951
Y1 - 2002
PB - Zhejiang University Press & Springer
ER -
DOI - 10.1631/jzus.2002.0292

constraint is an important aspect of role-based access control and is sometimes argued to be the principal motivation for role-based access control (RBAC). But so far few authors have discussed consistency maintenance for constraint in RBAC model. Based on researches of constraints among roles and types of inconsistency among constraints, this paper introduces corresponding formal rules, rule-based reasoning and corresponding methods to detect, avoid and resolve these inconsistencies. Finally, the paper introduces briefly the application of consistency maintenance in ZD-PDM, an enterprise-oriented product data management (PDM) system.

Darkslateblue:Affiliate; Royal Blue:Author; Turquoise:Article


[1] Chen Fang, Sandhu, R. S., 1995. Constraints for Role-Based Access Control. In: 1st ACM Workshop on Role-Based Access Control. ACM, p.39-46.

[2] Laurence Cholvy, Frederic Cuppens, 1997. Analyzing Consistency of Security Policies. In: Proceedings of the 1997 IEEE Symposium on Security and Privacy. IEEE Press, Oakland, CA, USA. p.103-112

[3] Lupu, E., Sloman, M., 1997. Conflict Analysis for Management Policies. IFIP/IEEE International Symposium on Integrated Network Management (IM formerly known as ISINM 97), Chapman & Hall, San Diego.

[4] Lupu, E., Sloman, M., 1997a. A Policy Based Role Object Model. Proceedings of the 1st IEEE Enterprise Distributed Object Computing Workshop (EDOC'97), Gold Coast, Australia, p. 36-47.

[5] Lupu, E., Sloman, M., Yialelis, 1997b. Policy Based Roles for Distributed Systems Security. HP-Openview University Associated (HP-OVUA) Plenary Workshop, Madrid.

[6] Ribeiro, C., Zuete, A., Ferreira, P. et al, 2000. Security Policy Consistency. First Workshop on Rule-based Constraint Reasoning and Programming (CL2000), Imperial College, London, UK.

[7] Sandhu, R. S., Coyne, E. J., Feinstein, H. L., 1996. Role-Based Access Control Models. IEEE Computer, 29(2): 38-47.

[8] Sandhu, R. S., 1998. Role-Based Access Control. In: Advances in Computers, volume 46. Academic Press.

[9] Schaad, A., Moffett, J., Jacob, J., 2001. The Role-Based Access Control Sytem of a European Bank: A Case Study and Discussion. Sixth ACM Symposium on Access control models and technologies. Chantilly, VA USA, p.3-9.

[10] Shen Honghai, Prasun Dewan, 1994. Access Control for Collaborative Environments. In: Turner J. Kraut R eds. Proceedings of the ACM CSCW'92 Conference on Computer Supported Cooperative Work. New York: ACM Press, p.51-58.

[11] Zhang Dianlong, Lukhaub, H., Zorn, W., 2001. A Role-Based Access Control Model and Implementation for Data-Centric Enterprise Application. Proceedings of Third International Conferences, ICISC 2001. Xi'an, China, p.316-327.

Open peer comments: Debate/Discuss/Question/Opinion


Please provide your name, email address and a comment

Journal of Zhejiang University-SCIENCE, 38 Zheda Road, Hangzhou 310027, China
Tel: +86-571-87952783; E-mail: cjzhang@zju.edu.cn
Copyright © 2000 - Journal of Zhejiang University-SCIENCE