Authors:
Andreas Sonnenbichler
and
Andreas Geyer-Schulz
Affiliation:
Karlsruhe Institute of Technology, Germany
Keyword(s):
Access Control, ADQL, Formal Language, Meta Language, Access Control Service.
Related
Ontology
Subjects/Areas/Topics:
Access Control
;
Data Engineering
;
Databases and Data Security
;
Information and Systems Security
;
Internet Technology
;
Web Information Systems and Technologies
Abstract:
We suggest a full specified formal language, the Access Definition and Query Language (ADQL). It has been designed to define access control models, facts, policies, and queries. ADQL, therefore, has the features of a meta language: It can be configured to act like known access control models e.g. as Bell-LaPadula, RBAC and its extensions and applications (e.g. SAP R/3), but also it can implement new models. Because of this, ADQL is highly flexible. Nevertheless, ADQL is not only a meta-language, but also allows to define facts, policies and queries. It has been implemented as a software service. It can be used as external authorization component for other applications and services. Through its flexibility many access control models can be supported.