如何使用事件和规则来支持基于角色的安全?(邀请报告)

17th International Workshop on Database and Expert Systems Applications (DEXA'06) Pub Date : 2006-09-04 DOI:10.1109/DEXA.2006.68

R. Adaikkalavan, Sharma Chakravarthy

{"title":"如何使用事件和规则来支持基于角色的安全?(邀请报告)","authors":"R. Adaikkalavan, Sharma Chakravarthy","doi":"10.1109/DEXA.2006.68","DOIUrl":null,"url":null,"abstract":"Role-based access control, where object accesses are controlled by roles (or job functions) is a more feasible alternative to traditional access control mechanisms. Constraints play a critical role in realizing and providing finegrained RBAC in diverse domains such as P2P and grid computing. In this paper, we have shown how events and authorization rules are used to provide fine-grained RBAC. First, simple events are identified for the RBAC domain. Second, various event operators for modeling constraints such as precedence, non-occurrence, dependency and their combinations are introduced. Third, how event-based RBAC policies are specified using both simple and complex events are discussed. Finally, how the proposed fine-grained RBAC policies can be exploited for P2P resource management is discussed","PeriodicalId":282986,"journal":{"name":"17th International Workshop on Database and Expert Systems Applications (DEXA'06)","volume":"13 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2006-09-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"How to Use Events and Rules for Supporting Role-Based Security? (Invited Paper)\",\"authors\":\"R. Adaikkalavan, Sharma Chakravarthy\",\"doi\":\"10.1109/DEXA.2006.68\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Role-based access control, where object accesses are controlled by roles (or job functions) is a more feasible alternative to traditional access control mechanisms. Constraints play a critical role in realizing and providing finegrained RBAC in diverse domains such as P2P and grid computing. In this paper, we have shown how events and authorization rules are used to provide fine-grained RBAC. First, simple events are identified for the RBAC domain. Second, various event operators for modeling constraints such as precedence, non-occurrence, dependency and their combinations are introduced. Third, how event-based RBAC policies are specified using both simple and complex events are discussed. Finally, how the proposed fine-grained RBAC policies can be exploited for P2P resource management is discussed\",\"PeriodicalId\":282986,\"journal\":{\"name\":\"17th International Workshop on Database and Expert Systems Applications (DEXA'06)\",\"volume\":\"13 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2006-09-04\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"17th International Workshop on Database and Expert Systems Applications (DEXA'06)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/DEXA.2006.68\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"17th International Workshop on Database and Expert Systems Applications (DEXA'06)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/DEXA.2006.68","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 3

摘要

基于角色的访问控制，其中对象访问由角色(或工作功能)控制，是比传统访问控制机制更可行的替代方案。在P2P和网格计算等不同领域中，约束在实现和提供细粒度RBAC方面发挥着关键作用。在本文中，我们展示了如何使用事件和授权规则来提供细粒度的RBAC。首先，为RBAC域识别简单事件。其次，介绍了用于建模约束的各种事件操作符，如优先、不发生、依赖及其组合。第三，讨论了如何使用简单事件和复杂事件指定基于事件的RBAC策略。最后，讨论了如何利用所提出的细粒度RBAC策略进行P2P资源管理

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

How to Use Events and Rules for Supporting Role-Based Security? (Invited Paper)

Role-based access control, where object accesses are controlled by roles (or job functions) is a more feasible alternative to traditional access control mechanisms. Constraints play a critical role in realizing and providing finegrained RBAC in diverse domains such as P2P and grid computing. In this paper, we have shown how events and authorization rules are used to provide fine-grained RBAC. First, simple events are identified for the RBAC domain. Second, various event operators for modeling constraints such as precedence, non-occurrence, dependency and their combinations are introduced. Third, how event-based RBAC policies are specified using both simple and complex events are discussed. Finally, how the proposed fine-grained RBAC policies can be exploited for P2P resource management is discussed

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

17th International Workshop on Database and Expert Systems Applications (DEXA'06)

自引率

0.00%

发文量

期刊最新文献

Visualization and Bayesian Nets to link Business Aims Interaction Styles for Service Discovery in Mobile Business Applications Service and Resource Discovery Using P2P An Integrity Semantics for Open World Databases Requirements on the Use of Goal-Directed Imitation for Self-Adaptation