2006 | OriginalPaper | Buchkapitel
Using Description Logic to Determine Seniority Among RB-RBAC Authorization Rules
verfasst von : Qi Xie, Dayou Liu, Haibo Yu
Erschienen in: Rough Sets and Knowledge Technology
Verlag: Springer Berlin Heidelberg
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
Rule-Based RBAC (RB-RBAC) provides the mechanism to dynamically assign users to roles based on authorization rules defined by security policy. In RB-RBAC, seniority levels of rules are also introduced to express domination relationship among rules. Hence, relations among attribute expressions may be quite complex and security officers may perform incorrect or unintended assignments if they are not aware of such relations behind authorization rules. We proposed a formalization of RB-RBAC by description logic. A seniority relation determination method is developed based on description logic reasoning services. This method can find out seniority relations efficiently even for rules without identical syntax structures.