Art der Veröffentlichung: |
Artikel in Konferenzband |
Autor: |
Till Mossakowski, Michael Drouineaud, Karsten Sohr |
Titel: |
A temporal-logic extension of role-based access control covering dynamic separation of duties |
Buch / Sammlungs-Titel: |
Proceedings of the 4th International Conference on Temporal Logic, |
Seite(n): |
83 – 90 |
Erscheinungsjahr: |
2003 |
Verleger: |
IEEE Computer Society Press |
Abstract / Kurzbeschreibung: |
Security policies play an important role in today's computer systems. We show some severe limitations of the wide-spread standard role-based
access control (RBAC) model, namely that object-based dynamic separation
of duty as introduced by Nash and Poland cannot be expressed with it. We
suggest to overcome these limitations by extending the RBAC model with an
execution history. The natural next step is then to add temporal logic for the
specication of execution orders. We show that with this, object-based dynamic
separation of duty, as well as other policies, can be adequately specied. |
PDF Version: |
http://www.informatik.uni-bremen.de/~till/papers/RBAC-dyn2.pdf |
PostScript Version: |
http://www.informatik.uni-bremen.de/~till/papers/RBAC-dyn2.ps |
Status: |
Reviewed |
Letzte Aktualisierung: |
15. 06. 2004 |