loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Marius Schlegel and Peter Amthor

Affiliation: Technische Universität Ilmenau, Germany

Keyword(s): Security Engineering, Security Policies, Access Control, Role-based Access Control Models, RBAC, Heuristic Safety Analysis, Formal Methods.

Abstract: Despite defining a de-facto standard in model-based security engineering, role-based access control models still suffer from limited analysis capabilities. This is especially true for dynamic security properties in the lineage of HRU safety. As a consequence, despite of their widespread use for policy specification and implementation, it is difficult to provide and preserve correctness guarantees for such models. We propose a formal framework, called DRBAC, to resolve this dilemma: While retaining application-oriented model abstractions, our approach allows to configure their dynamics in terms of state transitions. This enables a security engineer to tailor both a model and its analysis method to certain safety-related analysis goals. We demonstrate this claim based on a practical security policy.

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 34.200.248.66

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Schlegel, M. and Amthor, P. (2020). Beyond Administration: A Modeling Scheme Supporting the Dynamic Analysis of Role-based Access Control Policies. In Proceedings of the 17th International Joint Conference on e-Business and Telecommunications - SECRYPT; ISBN 978-989-758-446-6; ISSN 2184-7711, SciTePress, pages 431-442. DOI: 10.5220/0009834304310442

@conference{secrypt20,
author={Marius Schlegel. and Peter Amthor.},
title={Beyond Administration: A Modeling Scheme Supporting the Dynamic Analysis of Role-based Access Control Policies},
booktitle={Proceedings of the 17th International Joint Conference on e-Business and Telecommunications - SECRYPT},
year={2020},
pages={431-442},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0009834304310442},
isbn={978-989-758-446-6},
issn={2184-7711},
}

TY - CONF

JO - Proceedings of the 17th International Joint Conference on e-Business and Telecommunications - SECRYPT
TI - Beyond Administration: A Modeling Scheme Supporting the Dynamic Analysis of Role-based Access Control Policies
SN - 978-989-758-446-6
IS - 2184-7711
AU - Schlegel, M.
AU - Amthor, P.
PY - 2020
SP - 431
EP - 442
DO - 10.5220/0009834304310442
PB - SciTePress