{"title":"用于执行具有空间特征的RBAC的主动授权规则","authors":"Zhu Tang, Shiguang Ju, Weihe Chen","doi":"10.1109/ISCSCT.2008.311","DOIUrl":null,"url":null,"abstract":"The integration of the spatial dimension into RBAC-based models has been the hot topic as a consequence of the growing relevance of geo-spatial information in advanced GIS and mobile applications. Dynamically monitoring the state changes of an underlying system, detecting and reacting to changes without delay are crucial for the success of any access control enforcement mechanism. Thus, current systems or models should provide a flexible mechanism for enforcing RBAC with spatial characteristics in a seamless way, and adapt to policy or role structure changes in enterprises, which are indispensable to make RBAC with spatial characteristics usable in diverse domains. In this paper we will show how On-If-Then-Else authorization rules (or enhanced ECA rules) are used for enforcing RBAC with spatial characteristics in a seamless way. Large enterprises have hundreds of roles, which requires thousands of rules for providing access control, and generating these rules manually is error-prone and a cognitive-burden for non-computer specialists. Thus, in this paper, we will discuss briefly how these authorization rules can be automatically generated from high level specifications of enterprise access control policies.","PeriodicalId":228533,"journal":{"name":"2008 International Symposium on Computer Science and Computational Technology","volume":"14 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2008-12-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Active Authorization Rules for Enforcing RBAC with Spatial Characteristics\",\"authors\":\"Zhu Tang, Shiguang Ju, Weihe Chen\",\"doi\":\"10.1109/ISCSCT.2008.311\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The integration of the spatial dimension into RBAC-based models has been the hot topic as a consequence of the growing relevance of geo-spatial information in advanced GIS and mobile applications. Dynamically monitoring the state changes of an underlying system, detecting and reacting to changes without delay are crucial for the success of any access control enforcement mechanism. Thus, current systems or models should provide a flexible mechanism for enforcing RBAC with spatial characteristics in a seamless way, and adapt to policy or role structure changes in enterprises, which are indispensable to make RBAC with spatial characteristics usable in diverse domains. In this paper we will show how On-If-Then-Else authorization rules (or enhanced ECA rules) are used for enforcing RBAC with spatial characteristics in a seamless way. Large enterprises have hundreds of roles, which requires thousands of rules for providing access control, and generating these rules manually is error-prone and a cognitive-burden for non-computer specialists. Thus, in this paper, we will discuss briefly how these authorization rules can be automatically generated from high level specifications of enterprise access control policies.\",\"PeriodicalId\":228533,\"journal\":{\"name\":\"2008 International Symposium on Computer Science and Computational Technology\",\"volume\":\"14 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2008-12-20\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2008 International Symposium on Computer Science and Computational Technology\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ISCSCT.2008.311\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2008 International Symposium on Computer Science and Computational Technology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISCSCT.2008.311","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Active Authorization Rules for Enforcing RBAC with Spatial Characteristics
The integration of the spatial dimension into RBAC-based models has been the hot topic as a consequence of the growing relevance of geo-spatial information in advanced GIS and mobile applications. Dynamically monitoring the state changes of an underlying system, detecting and reacting to changes without delay are crucial for the success of any access control enforcement mechanism. Thus, current systems or models should provide a flexible mechanism for enforcing RBAC with spatial characteristics in a seamless way, and adapt to policy or role structure changes in enterprises, which are indispensable to make RBAC with spatial characteristics usable in diverse domains. In this paper we will show how On-If-Then-Else authorization rules (or enhanced ECA rules) are used for enforcing RBAC with spatial characteristics in a seamless way. Large enterprises have hundreds of roles, which requires thousands of rules for providing access control, and generating these rules manually is error-prone and a cognitive-burden for non-computer specialists. Thus, in this paper, we will discuss briefly how these authorization rules can be automatically generated from high level specifications of enterprise access control policies.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
