Title :
Design and specification of role based access control policies
Author :
Hitchens, M. ; Varadharajan, V.
Author_Institution :
Distributed Syst. & Network Security Res. Unit, Univ. of Western Sydney, Nepean, NSW, Australia
fDate :
8/1/2000 12:00:00 AM
Abstract :
The authors describe a language based approach to the specification of authorisation policies that can be used to support the range of access control policies in commercial object systems. They discuss the issues involved in the design of a language for role based access control systems. The notion of roles is used as a primitive construct within the language. The basic constructs of the language are discussed and the language is used to specify several access control policies such as role based access control; static and dynamic separation of duty delegation and joint action based access policies. The language is flexible and is able to capture meta-level operations, and it is often these features which are significant when it comas to the applicability of an access control system to practical real situations
Keywords :
authorisation; formal specification; specification languages; authorisation policies; joint action based access policies; language based approach; role based access control policies; separation of duty delegation; specification;
Journal_Title :
Software, IEE Proceedings -
DOI :
10.1049/ip-sen:20000792
