ACTkit: A Framework for the Definition and Enforcement of Role, Content and Context-based Access Control Policies

被引:0
|
作者
Betarte, G. [1 ,3 ,4 ,5 ]
Gatto, A. [2 ,3 ]
Martinez, R. [2 ,3 ,5 ]
Zipitria, F. [1 ,3 ,4 ,5 ]
机构
[1] Univ Republica, Inst Computac, Fac Ingn, Montevideo, Uruguay
[2] Tilsor SA, Montevideo, Uruguay
[3] Univ Republ FING UDELAR, Fac Ingn, Montevideo, Uruguay
[4] Inst Computac InCo, Montevideo, Uruguay
[5] Grp Seguridad Informat GSI FING UDELAR, Montevideo, Uruguay
来源
IEEE LATIN AMERICA TRANSACTIONS | 2012年 / 10卷 / 03期
关键词
Authorization; RBAC; Application Security; Context-based and Content-based Access Control;
D O I
暂无
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
This work describes a framework, called ACTkit, for the definition and enforcement of dynamic access control policies on (multi-tiered) information systems. ACTkit embodies a language for defining security policies built out of role-, context- and content-based access control rules and an access control module responsible for the policy enforcement. A model, which has been defined as an extension of Hierarchical RBAC to provide a precise semantics for the security policies, is also presented and discussed.
引用
收藏
页码:1742 / 1751
页数:10
相关论文
共 50 条
  • [1] Extended Role-Based Access Control with Context-Based Role Filtering
    Liu, Gang
    Zhang, Runnan
    Wan, Bo
    Ji, Shaomin
    Tian, Yumin
    KSII TRANSACTIONS ON INTERNET AND INFORMATION SYSTEMS, 2020, 14 (03): : 1263 - 1279
  • [2] Dynamic role and context-based access control for grid applications
    Yao, HB
    Hu, HP
    Huang, BH
    Li, RX
    PDCAT 2005: SIXTH INTERNATIONAL CONFERENCE ON PARALLEL AND DISTRIBUTED COMPUTING, APPLICATIONS AND TECHNOLOGIES, PROCEEDINGS, 2005, : 404 - 406
  • [3] Dynamic role and context-based access control for grid applications
    Yao Han-bing
    Hu He-ping
    Lu Zheng-ding
    Li Rui-xuan
    TENCON 2005 - 2005 IEEE REGION 10 CONFERENCE, VOLS 1-5, 2006, : 1619 - 1625
  • [4] ConPrEF: A Context-based Privacy Enforcement Framework for Edge Computing
    Sirigu, Giorgia
    Carminati, Barbara
    Ferrari, Elena
    2023 IEEE INTERNATIONAL CONFERENCE ON EDGE COMPUTING AND COMMUNICATIONS, EDGE, 2023, : 72 - 78
  • [5] A Framework of Composable Access Control Definition, Enforcement and Assurance.
    Pavlich-Mariscal, Jaime A.
    Demurjian, Steven A.
    Michel, Laurent D.
    SCCC 2008: INTERNATIONAL CONFERENCE OF THE CHILEAN COMPUTER SCIENCE SOCIETY, PROCEEDINGS, 2008, : 13 - +
  • [6] Context-based Monitor Framework for Sensors Access in Smartphone
    Dai, Jiazhu
    Chen, Junyan
    PROCEEDINGS OF 2015 IEEE INTERNATIONAL CONFERENCE ON PROGRESS IN INFORMATCS AND COMPUTING (IEEE PIC), 2015, : 472 - 475
  • [7] Context-Based Access Control for Ridesharing Service
    Teslya, Nikolay
    Kashevnik, Alexey
    Pashkin, Michael
    2013 14TH CONFERENCE OF OPEN INNOVATIONS ASSOCIATION (FRUCT), 2013, : 156 - 163
  • [8] A Rigorous Framework for Specification, Analysis and Enforcement of Access Control Policies
    Margheri, Andrea
    Masi, Massimiliano
    Pugliese, Rosario
    Tiezzi, Francesco
    IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, 2019, 45 (01) : 2 - 33
  • [9] A Semantic-Aware Context-Based Access Control Framework for Mobile Web Services
    Shen, Haibo
    Cheng, Yu
    MECHANICAL ENGINEERING AND INTELLIGENT SYSTEMS, PTS 1 AND 2, 2012, 195-196 : 498 - 503
  • [10] Context-based access control management in ubiquitous environments
    Corradi, A
    Montanari, R
    Tibaldi, D
    THIRD IEEE INTERNATIONAL SYMPOSIUM ON NETWORK COMPUTING AND APPLICATIONS, PROCEEDINGS, 2004, : 253 - 260
12345