Manuel Koch
Abstract
Role-Based Access Control (RBAC) is supported directly or in a closely related form, by a number of products. This article presents a formalization of RBAC using graph transformations that is a graphical specification technique based on a generalization of classical string grammars to nonlinear structures. The proposed formalization provides an intuitive description for the manipulation of graph structures as they occur in information systems access control and a precise specification of static and dynamic consistency conditions on graphs and graph transformations. The formalism captures the RBAC models published in the literature, and also allows a uniform treatment of user roles and administrative roles, and a detailed analysis of the decentralization of administrative roles.
- Aho, A. V., Garey, M. R., and Ullman, J. D. 1972. The transitive reduction of a directed graph. SIAM J. Comput. 1, 2, 131--137.Google Scholar
Digital Library
- Baldwin, R. 1990. Naming & grouping privileges to simplify security management in large databases. In Proceedings of the 1990 IEEE Symposium on Research in Security and Privacy. IEEE Computer Society Press, Los Alamitos, Calif., pp. 116--132.Google ScholarCross Ref
- Ehrig, H., Engels, G., Kreowski, H.-J., and Rozenberg, G., Eds. 1999. Handbook of Graph Grammars and Computing by Graph Transformations. Vol. II: Applications, Languages, and Tools. World Scientific. Google ScholarDigital Library
- Ferraiolo, D. F., Sandhu, R., Gavrila, S., Kuhn, D. R., and Chandramouli, R. 2001. Proposed NIST standard for role-based access control. ACM Trans. Inf. Syst. Secu. 4, 3, 222--274. Google ScholarDigital Library
- Gavrila, S. I. and Barkley, J. F. 1998. Formal specification for role based access control user/role and role/role relationship management. In Proceedings of 3rd ACM Workshop on Role-Based Access Control. ACM, New York, pp. 81--90. Google ScholarDigital Library
- Grosse-Rhode, M., Parisi-Presicce, F., and Simeoni, M. 2000. Refinements of graph transformation systems via rule expressions. In Proceedings of TAGT'98, H. Ehrig, G. Engels, H.-J. Kreowski, and G. Rozenberg, eds. Lecture Notes in Computer Science, vol. 1764. Springer-Verlag, New York, pp. 368--382. Google ScholarDigital Library
- Heckel, R., and Wagner, A. 1995. Ensuring consistency of conditional graph grammars--A constructive approach. In Proceedings of SEGRAGRA'95, Volume 2 of Electronic Notes of TCS A. Corradini, and U. Montanari, eds. Elsevier North-Holland, Amsterdam, The Netherlands, pp. 95--103. http://www.elsevier.nl/locate/entcs/volume2.html.Google Scholar
- Koch, M., Mancini, L. V., and Parisi-Presicce, F. 2000. A formal model for role-based access control using graph transformation. In Proceedings of the 6th European Symposium on Research in Computer Security (ESORICS 2000) F. Cuppens. et al. eds. Lecture Notes in Computer Science, vol. 1895. Springer Verlag, New York, pp. 122--139. Google ScholarDigital Library
- Koch, M., Mancini, L. V., and Parisi-Presicce, F. 2001. On the specification and evolution of access control policies. In Proceedings of the 6th ACM Symposium on Access Control Models and Technologies ACM, New York, pp. 121--130. Google ScholarDigital Library
- Koch, M., Mancini, L. V., and Parisi-Presicce, F. 2002. Decidability of safety in graph-based models for access control. In Proceedings of the 7th European Symposium on Research in Computer Security (ESORICS 2002), Lecture Notes in Computer Science, to appear. Google ScholarDigital Library
- Nyanchama, M., and Osborn, S. 1994. Access right administration in role-based security systems. In Proceedings of IFIP WG 11.3 Database Security, Vol. VIII. North Holland, Amsterdam, The Netherlands, pp. 37--56. Google ScholarDigital Library
- Nyanchama, M., and Osborn, S. 1999. The role graph model and conflict of interest. ACM Trans. Inf. Syst. Sec. 1, 2, 3--33. Google ScholarDigital Library
- Osborn, S., Sandhu, R., and Munawer, Q. 2000. Configuring role-based access control to enforce mandatory and discretionary access control policies. ACM Trans. Inf. Syst. Sec. 3, 2, 85--106. Google ScholarDigital Library
- Rozenberg, G., ed. 1997. Handbook of Graph Grammars and Computing by Graph Transformations. Vol. I: Foundations. World Scientific. Google ScholarDigital Library
- Sandhu, R. S. 1998. Role-based access control. In Advances in Computers, Vol. 46. Academic Press, Orlands, Fla.Google Scholar
- Sandhu, R. S., Bhamidipati, V., and Munawer, Q. 1999. The ARBAC97 model for role-based administration of roles. ACM Transactions on Information and System Security 2, 1, 105--135. Google ScholarDigital Library
- Sandhu, R. S., Coyne, E., Feinstein, H., and Youman, C. 1996. Role-based access control models. IEEE Comput. 29, 2, 38--47. Google ScholarDigital Library
- Sandhu, R., Ferraiolo, D., and Kuhn, R. 2000. The NIST Model for Role-Based Access Control: Towards A Unified Standard. In Proceedings of the 5th ACM Workshop on Role-Based Access Control. ACM, New York, pp. 47--63. Google ScholarDigital Library
Index Terms
- A graph-based formalism for RBAC
Recommendations
Configuring role-based access control to enforce mandatory and discretionary access control policies
Access control models have traditionally included mandatory access control (or lattice-based access control) and discretionary access control. Subsequently, role-based access control has been introduced, along with claims that its mechanisms are general ...
DW-RBAC: A formal security model of delegation and revocation in workflow systems
One reason workflow systems have been criticized as being inflexible is that they lack support for delegation. This paper shows how delegation can be introduced in a workflow system by extending the role-based access control (RBAC) model. The current ...
A delegation model for extended RBAC
In the field of access control, delegation is an important aspect that is considered part of the administration mechanism. Thus, a comprehensive access control model must provide a flexible administration model to manage delegation and revocation. ...
Reviews
Stephen D. Wolthusen
Role-based access control mechanisms (RBACs) have emerged as a viable mechanism for providing models of security policies for civilian applications, combining the requisite flexibility for modeling delegation with fine-grained control over resources and subject behavior. The authors describe a mechanism for representing RBAC model states in the form of graph structures, with transformations on these structures used to reflect operations on states. This graphical representation permits the visualization of access control structures and the verification of consistency constraints on the overall model. The authors demonstrate the construction of RBAC models by defining consistency properties in the form of graphical constraints, and by automatically deriving conditions for all operations of the model in the form of graph transformation rules. The formalism is shown to be sufficient for modeling advanced RBAC constructs, including decentralized role administration. While the proposed model also represents a viable model for visualization of existing models, the computational complexity of verification mechanisms based on graph transformation limits the overall graph complexity that can be handled. This does not constitute a severe limitation, however, as overly complex access control models are to be avoided on principle. Online Computing Reviews Service
Access critical reviews of Computing literature here
Become a reviewer for Computing Reviews.
Comments