Abstract
Access control is a significant issue in any secure database system. In this paper, we develop a logic programming based approach for temporal decentralized authorization administration in which users can be delegated, granted or forbidden some access rights for restricted periods of time. Three major aspects are taken into consideration for the semantics of the program, the temporal authorization delegation correctness, temporal authorization propagation and temporal authorization conflict resolution. In particular, a conflict resolution method based on the underlying delegation relation and temporal relation is presented, which can support controlled temporal delegation, temporal authorization suspension or exception and the automatic authorization update. The approach provides users a useful way to express complex security policy with time constraints.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Allen, J.F.: Towards a general theory of action and time. Artificial Intelligence 23, 123–154 (1984)
Barker, S.: Data protection by logic programming. In: Palamidessi, C., Moniz Pereira, L., Lloyd, J.W., Dahl, V., Furbach, U., Kerber, M., Lau, K.-K., Sagiv, Y., Stuckey, P.J. (eds.) CL 2000. LNCS (LNAI), vol. 1861, pp. 1300–1314. Springer, Heidelberg (2000)
Bertino, E., Bettini, C., Ferrari, E., Samarati, P.: A temporal access control mechanism for database systems. IEEE Trans. on KDE 8(1), 67–80 (1996)
Bertino, E., Bonatti, P.A., Ferrari, E.: TRBAC: A temporal role-based access control model. ACM Trans. on Information and System Security 4(3), 191–233 (2001)
Gelfond, M., Lifschitz, V.: Classical negation in logic programs and disjunctive databases. New Generation Computing 9, 365–385 (1991)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Ruan, C., Varadharajan, V. (2003). Decentralized Temporal Authorization Administration. In: Mařík, V., Retschitzegger, W., Štěpánková, O. (eds) Database and Expert Systems Applications. DEXA 2003. Lecture Notes in Computer Science, vol 2736. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-45227-0_89
Download citation
DOI: https://doi.org/10.1007/978-3-540-45227-0_89
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-40806-2
Online ISBN: 978-3-540-45227-0
eBook Packages: Springer Book Archive