• DocumentCode
    2078760
  • Title

    Analyzing First-Order Role Based Access Control

  • Author

    Cotrini, Carlos ; Weghorn, Thilo ; Basin, David ; Clavel, Manuel

  • fYear
    2015
  • fDate
    13-17 July 2015
  • Firstpage
    3
  • Lastpage
    17
  • Abstract
    We propose FORBAC, an extension of Role-Based Access Control (RBAC) based on first-order logic. FORBAC is expressive enough to formalize a wide range of access control policies. However, it is simple enough so that relevant policy analysis queries can be analyzed in NP, which we argue is a natural complexity class for this problem. To analyze queries efficiently, we reduce them to the problem of satisfiability modulo appropriate theories, and use off-the-shelf SMT solvers. We evaluate FORBAC's expressiveness and our approach to policy analysis in a case study, analyzing access control in a European bank.
  • Keywords
    Authorization; Complexity theory; Polynomials; Radio frequency; Remuneration; Syntactics; Role based access control; authorization languages; first-order logic; policy analysis;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Computer Security Foundations Symposium (CSF), 2015 IEEE 28th
  • Conference_Location
    Verona, Italy
  • Type

    conf

  • DOI
    10.1109/CSF.2015.8
  • Filename
    7243721