DocumentCode :
2302838
Title :
Specification of role and attribute transitions for secure information system access
Author :
Evered, Mark
Author_Institution :
Sch. of Sci. & Technol., Univ. of New England, Armidale, NSW, Australia
fYear :
2012
fDate :
16-18 May 2012
Firstpage :
230
Lastpage :
235
Abstract :
In this paper, we describe a formal specification language (RASP) for expressing fine-grained access control constraints in information systems. The design of the language is motivated by two HIS case studies which demonstrate the complexity of the access constraints which arise if minimal (need-to-know) access is to be strictly enforced. RASP supports modularity, parameterization, role acquisition, constraint expressions and a symmetrical approach to role transitions and attribute transitions. No existing access control specification language supports all of these complex, realistic requirements.
Keywords :
authorisation; formal specification; specification languages; HIS case studies; RASP; access constraints; access control specification language; attribute transitions; constraint expressions; fine-grained access control constraints; formal specification language; minimal access; modularity; parameterization; role acquisition; role specification; role transitions; secure information system access; symmetrical approach; Access control; Complexity theory; Information systems; Medical services; Permission; Specification languages; access control; attributes; roles; security;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Digital Information and Communication Technology and it's Applications (DICTAP), 2012 Second International Conference on
Conference_Location :
Bangkok
Print_ISBN :
978-1-4673-0733-8
Type :
conf
DOI :
10.1109/DICTAP.2012.6215380
Filename :
6215380
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=2302838
بازگشت