Role updating in information systems using model checking

被引：3

作者：

Hu, Jinwei ^{[1
]}

Khan, Khaled M. ^{[1
,4
]}

Zhang, Yan ^{[2
]}

Bai, Yun ^{[2
]}

Li, Ruixuan ^{[3
]}

机构：

[1] Qatar Univ, Doha, Qatar

[2] Western Sydney Univ, Penrith, NSW, Australia

[3] Huazhong Univ Sci & Technol, Wuhan, Peoples R China

[4] Qatar Univ, Coll Engn, KINDI Lab, Dept Comp Sci & Engn, POB 2713, Doha, Qatar

来源：

KNOWLEDGE AND INFORMATION SYSTEMS | 2017年 / 51卷 / 01期

关键词：

Role-based access control (RBAC); Role updating; Role hierarchy; Role engineering; Model checking; Computational complexity; VERIFICATION;

D O I：

10.1007/s10115-016-0974-4

中图分类号：

TP18 [人工智能理论];

学科分类号：

081104 ; 0812 ; 0835 ; 1405 ;

摘要：

The role-based access control (RBAC) has significantly simplified the management of users and permissions in information systems. In dynamic environments, systems are constantly undergoing changes, and accordingly, the associated configurations need to be updated in order to reflect the systems' security evolutions. However, such updating process is generally complicated as the resulting system state is expected to meet necessary constraints. This paper presents an approach for assisting administrators to make a desirable update, in light of changes in RBAC systems. We propose a formalization of the update approach, investigate its properties, and develop an updating algorithm based on model checking techniques. Our experimental results demonstrate the effectiveness of the proposed approach.

引用

页码：187 / 234

页数：48

共 55 条

[1] Ahmed T., 2003, SACMAT '03, P196, DOI DOI 10.1145/775412.775438
[2] [Anonymous], 1979, Computers and Intractablity: A Guide to the Theory of NP-Completeness
[3] [Anonymous], 2005, P 12 ACM C COMP COMM
[4] Baral Chitta, 2010, Knowledge Representation, Reasoning and Declarative Problem Solving
[5] Bauer L, 2008, SACMAT'08: PROCEEDINGS OF THE 13TH ACM SYMPOSIUM ON ACCESS CONTROL MODELS AND TECHNOLOGIES, P185
[6] Cimatti A., 2002, Computer Aided Verification. 14th International Conference, CAV 2002. Proceedings (Lecture Notes in Computer Science Vol.2404), P359
[7] Clarke EM, 1999, MODEL CHECKING, P1
[8] Colantonio A, 2010, LECT NOTES COMPUT SC, V6166, P303, DOI 10.1007/978-3-642-13739-6_21
[9] Colantonio A, 2009, SACMAT'09: PROCEEDINGS OF THE 14TH ACM SYMPOSIUM ON ACCESS CONTROL MODELS AND TECHNOLOGIES, P85, DOI 10.1145/1542207.1542223
[10] Coyne EJ, 1995, ACM WORKSH ROL BAS A

← 1 2 3 4 5 6 →