A temporal-logic extension of role-based access control covering dynamic separation of duties

Proceedings of the International Workshop on Temporal Representation and Reasoning

Volumn 2003-January, Issue , 2003, Pages 83-90

  Mossakowski, Till ^a   Drouineaud, Michael ^a   Sohr, Karsten ^a  

^a UNIVERSITY OF BREMEN   (Germany)

Author keywords

[No Author keywords available]

Indexed keywords

NETWORK SECURITY; SEPARATION; TEMPORAL LOGIC;

DYNAMIC SEPARATION OF DUTY; EXECUTION HISTORY; OBJECT BASED; RBAC MODEL; ROLE-BASED ACCESS CONTROL; ROLE-BASED ACCESS CONTROL MODEL; SECURITY POLICY; WIDE SPREADS;

ACCESS CONTROL;

EID: 84944044323     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/TIME.2003.1214883     Document Type: Conference Paper

References (20)

1. G.-J. Ahn. The RCL 2000 language for specifying rolebased authorization constraints. PhD thesis, George Mason University, Fairfax, Virginia, 1999.
2. G.-J. Ahn and R. Sandhu. Role-based authorization constraints specification. ACMTransactions on Information and System Security, 3(4):207-226, Nov. 2000.
3. E. Astesiano, M. Bidoit, H. Kirchner, B. Krieg-Brückner, P. D. Mosses, D. Sannella, and A. Tarlecki. CASL: the Common Algebraic Specification Language. Theoret. Comput. Sci., 286:153-196, 2002.
4. E. Bertino, P. A. Bonatti, and E. Ferrari. TRBAC: A temporal role-based access control model. ACM Transactions on Information and System Security, 4(3):191-223, Aug. 2001.
5. A. D. Brucker, F. Rittinger, and B. Wolff. The CVSserver case study: A formalized security architecture. In D. Haneberg, G. Schellhorn, and W. Reif, editors, FMTOOLS 2002, number 2002-11 in Technical Report, pages 47-52. Augsburg, July 2002.
6. D. D. Clark and D. R. Wilson. A comparison of commercial and military computer security policies. Proceedings of the 1987 IEEE Symposium on Security and Privacy, pages 184-194, 1987.
7. C. Eckert. IT-Sicherheit: Konzepte, Verfahren, Protokolle. R. Oldenbourg Verlag, 2001.
8. D. Ferraiolo, D. Gilbert, and N. Lynch. An examination of federal and commercial access control policy needs. In Proc. of the NIST-NCSC Nat. (U.S.) Comp. Security Conference, pages 107-116, 1993.
9. D. F. Ferraiolo, R. Sandhu, S. Gavrila, D. R. Kuhn, and R. Chandramoli. Proposed NIST standard for role-based access control. ACM Transactions on Information and System Security, 4(3):224-274, 2001.
10. V. D. Gligor, S. I. Gavrila, and D. Ferraiolo. On the formal definition of separation-of-duty policies and their composition. In 1998 IEEE Symposium on Security and Privacy (SSP '98), pages 172-185, Washington - Brussels - Tokyo, May 1998. IEEE.
11. Z. Manna, N. Bjørner, A. Browne, E. Chang, M. Colón, L. de Alfaro, H. Devarajan, A. Kapur, J. Lee, H. Sipma, and T. E. Uribe. STeP: The stanford temporal prover. In P. D. Mosses, M. Nielsen, and M. I. Schwartzbach, editors, TAPSOFT '95: Theory and Practice of Software Development, volume 915 of Lecture Notes in Computer Science, pages 793-794. Springer-Verlag, 1995.
12. Z. Manna and A. Pnueli. The Temporal Logic of Reactive and Concurrent Systems, Specification. Springer-Verlag, 1992.
13. Z. Manna and A. Pnueli. Temporal Verification of Reactive Systems: Safety. Springer-Verlag, New York, 1995.
14. K. Meinke and J. V. T. (eds.). Many-sorted logic and its applications. Wiley, Chichester, 1993.
15. M. J. Nash and K. R. Poland. Some conundrums concerning separation of duty. In Proc. IEEE Symposium on Research in Security and Privacy, pages 201-207, 1990.
16. M. Nyanchama and S. Osborn. The role graph model and conflict of interest. ACM Transactions on Information and System Security, 2(1):3-33, Feb. 1999.
17. R. Sandhu. Transaction control expressions for separation of duties. Fourth Aerospace Computer Security Applications Conference, Orlando, pages 282-286, 1988.
18. R. S. Sandhu, E. J. Coyne, H. L. Feinstein, and C. E. Youman. Role-based access control models. Computer, 29(2):38-47, Feb. 1996.
19. R. Simon and M. Zurko. Separation of duty in role-based environments. In 10th IEEE Computer Security Foundations Workshop (CSFW '97), pages 183-194, Washington - Brussels - Tokyo, June 1997. IEEE.
20. M. E. Zurko, R. Simon, and T. Sanfilippo. A user-centered, modular authorization service built on an RBAC foundation. In Proceedings of the IEEE Symposium on Research in Security and Privacy, pages 57-71, Oakland, CA, May 1999. IEEE Computer Society, Technical Committee on Security and Privacy, IEEE Computer Society Press.