{"title":"如何使用事件和规则来支持基于角色的安全?(邀请报告)","authors":"R. Adaikkalavan, Sharma Chakravarthy","doi":"10.1109/DEXA.2006.68","DOIUrl":null,"url":null,"abstract":"Role-based access control, where object accesses are controlled by roles (or job functions) is a more feasible alternative to traditional access control mechanisms. Constraints play a critical role in realizing and providing finegrained RBAC in diverse domains such as P2P and grid computing. In this paper, we have shown how events and authorization rules are used to provide fine-grained RBAC. First, simple events are identified for the RBAC domain. Second, various event operators for modeling constraints such as precedence, non-occurrence, dependency and their combinations are introduced. Third, how event-based RBAC policies are specified using both simple and complex events are discussed. Finally, how the proposed fine-grained RBAC policies can be exploited for P2P resource management is discussed","PeriodicalId":282986,"journal":{"name":"17th International Workshop on Database and Expert Systems Applications (DEXA'06)","volume":"13 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2006-09-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"How to Use Events and Rules for Supporting Role-Based Security? (Invited Paper)\",\"authors\":\"R. Adaikkalavan, Sharma Chakravarthy\",\"doi\":\"10.1109/DEXA.2006.68\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Role-based access control, where object accesses are controlled by roles (or job functions) is a more feasible alternative to traditional access control mechanisms. Constraints play a critical role in realizing and providing finegrained RBAC in diverse domains such as P2P and grid computing. In this paper, we have shown how events and authorization rules are used to provide fine-grained RBAC. First, simple events are identified for the RBAC domain. Second, various event operators for modeling constraints such as precedence, non-occurrence, dependency and their combinations are introduced. Third, how event-based RBAC policies are specified using both simple and complex events are discussed. Finally, how the proposed fine-grained RBAC policies can be exploited for P2P resource management is discussed\",\"PeriodicalId\":282986,\"journal\":{\"name\":\"17th International Workshop on Database and Expert Systems Applications (DEXA'06)\",\"volume\":\"13 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2006-09-04\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"17th International Workshop on Database and Expert Systems Applications (DEXA'06)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/DEXA.2006.68\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"17th International Workshop on Database and Expert Systems Applications (DEXA'06)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/DEXA.2006.68","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
How to Use Events and Rules for Supporting Role-Based Security? (Invited Paper)
Role-based access control, where object accesses are controlled by roles (or job functions) is a more feasible alternative to traditional access control mechanisms. Constraints play a critical role in realizing and providing finegrained RBAC in diverse domains such as P2P and grid computing. In this paper, we have shown how events and authorization rules are used to provide fine-grained RBAC. First, simple events are identified for the RBAC domain. Second, various event operators for modeling constraints such as precedence, non-occurrence, dependency and their combinations are introduced. Third, how event-based RBAC policies are specified using both simple and complex events are discussed. Finally, how the proposed fine-grained RBAC policies can be exploited for P2P resource management is discussed
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
