Title :
A Dynamic Description Logic Approach to Extended RBAC Model
Author :
Ma, Li ; Ma, Shilong ; Sui, Yuefei
Author_Institution :
Beijing Univ. of Aeronaut. & Astronaut., Beijing
Abstract :
Traditional RBAC model describes a static access control policy. As the development of network application, such as Web services, access control faces many new challenges, one of which is that access control policies need to protect not only static resources but also dynamic ones that are encapsulated in a service. In order to capture the flexibility of application, we specify a fine-grained control on individual users by introducing user attributes which are associated to user´s role and permission. We take the service as an action that changes some of user´s attributes so as to adjust users´ permission at run. In order to represent and reason on the access control automatically, we use the description logics combined with prepositional dynamic logic as a logic framework to construct a knowledge base for the access control and action rules, and semantically explain how a user´s permission can be changed at runtime.
Keywords :
Web services; authorisation; formal logic; knowledge based systems; access control policy; action rules; description logics; dynamic description logic approach; extended RBAC model; fine-grained control; knowledge base; logic framework; prepositional dynamic logic; user attributes; user permission; user role; Access control; Aerodynamics; Application software; Automatic logic units; Computer science; Information processing; Laboratories; Permission; Protection; Qualifications;
Conference_Titel :
Future Generation Communication and Networking (FGCN 2007)
Conference_Location :
Jeju
Print_ISBN :
0-7695-3048-6
DOI :
10.1109/FGCN.2007.8
