ABSTRACT
Constraints in access control in general and separation of duty constraints in particular are an important area of research. There are two important issues relating to constraints: their specification and their enforcement. We believe that existing separation of duty specification schemes are rather complicated and that the few enforcement models that exist are unlikely to scale well. We examine the assumptions behind existing approaches to separation of duty and present a combined specification and implementation model for a class of constraints that includes separation of duty constraints. The specification model is set-based and has a simpler syntax than existing approaches. We discuss the enforcement of constraints and the relationship between static, dynamic and historical separation of duty constraints. Finally, we propose a model for a scalable role-based reference monitor, based on dynamic access control structures, that can be used to enforce constraints in an efficient manner.