Specifying role-based access constraints with object constraint language

Wang, Hua and Zhang, Yanchun and Cao, Jinli and Yang, Jian (2004) Specifying role-based access constraints with object constraint language. In: 6th Asia-Pacific Web Conference: Advanced Web Technologies and Applications (APWeb 2004), 14-17 April 2004, Hangzhou, China.

[img]
Preview
PDF (Accepted Version)
Wang_Zhang_Cao_Yang_APWeb2004_AV.pdf

Download (161Kb)

Abstract

Constraints are an important aspect of role-based access control (RBAC). Constraints have to be satisfied when an administrator wants to assign (revoke) a role to a user or a permission to a role. The importance of constraints associated with user-role assignments and permission-role assignments in RBAC has been recognized but the modelling of these constraints has not received much attention. In this paper we use a de facto constraints specification language in software engineering to analyse the constraints in user-role assignments and permission-role assignments. We show how to represent role-based access constraints with object constraint language (OCL) and discuss the future work. Finally, comparisons with other related work are presented.


Statistics for USQ ePrint 7331
Statistics for this ePrint Item
Item Type: Conference or Workshop Item (Commonwealth Reporting Category E) (Paper)
Refereed: Yes
Item Status: Live Archive
Additional Information: Author version deposited in accordance with the copyright policy of the publisher. Copyright 2004 Springer. This is the author's version of the work. It is posted here with permission of the publisher for your personal use. No further distribution is permitted. The item is also available in Lecture Notes in Computer Science v. 3007 at http://www.springerlink.com
Depositing User: Dr Hua Wang
Faculty / Department / School: Historic - Faculty of Sciences - Department of Maths and Computing
Date Deposited: 05 Aug 2011 03:10
Last Modified: 02 Jul 2013 23:45
Uncontrolled Keywords: role-based access control; constraints
Fields of Research (FOR2008): 08 Information and Computing Sciences > 0806 Information Systems > 080604 Database Management
Socio-Economic Objective (SEO2008): B Economic Development > 89 Information and Communication Services > 8903 Information Services > 890301 Electronic Information Storage and Retrieval Services
URI: http://eprints.usq.edu.au/id/eprint/7331

Actions (login required)

View Item Archive Repository Staff Only