A Dynamic Description Logic Approach to Extended RBAC Model

Author

Ma, Li ; Ma, Shilong ; Sui, Yuefei

Author_Institution

Beijing Univ. of Aeronaut. & Astronaut., Beijing

Volume

1

fYear

2007

fDate

6-8 Dec. 2007

Firstpage

284

Lastpage

288

Abstract

Traditional RBAC model describes a static access control policy. As the development of network application, such as Web services, access control faces many new challenges, one of which is that access control policies need to protect not only static resources but also dynamic ones that are encapsulated in a service. In order to capture the flexibility of application, we specify a fine-grained control on individual users by introducing user attributes which are associated to user´s role and permission. We take the service as an action that changes some of user´s attributes so as to adjust users´ permission at run. In order to represent and reason on the access control automatically, we use the description logics combined with prepositional dynamic logic as a logic framework to construct a knowledge base for the access control and action rules, and semantically explain how a user´s permission can be changed at runtime.

Keywords

Web services; authorisation; formal logic; knowledge based systems; access control policy; action rules; description logics; dynamic description logic approach; extended RBAC model; fine-grained control; knowledge base; logic framework; prepositional dynamic logic; user attributes; user permission; user role; Access control; Aerodynamics; Application software; Automatic logic units; Computer science; Information processing; Laboratories; Permission; Protection; Qualifications;

fLanguage

English

Publisher

ieee

Conference_Titel

Future Generation Communication and Networking (FGCN 2007)

Conference_Location

Jeju

Print_ISBN

0-7695-3048-6

Type

conf

DOI

10.1109/FGCN.2007.8

Filename

4426134