Back to Search
Start Over
Role-based access control for a distributed calculus
- Source :
- Journal of Computer Security. 14:113-155
- Publication Year :
- 2006
- Publisher :
- IOS Press, 2006.
-
Abstract
- Role-based access control (RBAC) is increasingly attracting attention because it reduces the complexity and cost of security administration by interposing the notion of role in the assignment of permissions to users. In this paper, we present a formal framework relying on an extension of the $\pi$-calculus to study the behaviour of concurrent systems in a RBAC scenario. We define a type system ensuring that the specified policy is respected during computations, and a behavioural equivalence to equate systems. We then consider a more sophisticated feature that can be easily integrated in our framework, i.e., the possibility of automatically adding role activations and deactivations to processes to be run under a given policy (whenever possible). Finally, we show how the framework can be easily extended to express significant extensions of the core RBAC model, such as roles hierarchies or constraints determining the acceptability of the system components.
- Subjects :
- process calculi
Computer Networks and Communications
Computer science
business.industry
type systems
Process calculus
Distributed computing
behavioural equivalences
rbac
Access control
Hardware and Architecture
Role-based access control
Equivalence (formal languages)
Safety, Risk, Reliability and Quality
business
Software
Subjects
Details
- ISSN :
- 18758924 and 0926227X
- Volume :
- 14
- Database :
- OpenAIRE
- Journal :
- Journal of Computer Security
- Accession number :
- edsair.doi.dedup.....af254aeee096ac93283c64da7bbc97c0