RBAC-PAT: A Policy Analysis Tool for Role Based Access Control

被引：0

作者：

Gofman, Mikhail I. ^{[1
]}

Luo, Ruiqi ^{[1
]}

Solomon, Ayla C. ^{[2
]}

Zhang, Yingbin ^{[1
]}

Yang, Ping ^{[1
]}

Stoller, Scott D. ^{[3
]}

机构：

[1] SUNY Binghamton, Dept Comp Sci, Binghamton, NY 13902 USA

[2] Wellesley Coll, Dept Comp Sci, Wellesley, MA 02181 USA

[3] SUNY Stony Brook, Dept Comp Sci, Stony Brook, NY USA

来源：

TOOLS AND ALGORITHMS FOR THE CONSTRUCTION AND ANALYSIS OF SYSTEMS, PROCEEDINGS | 2009年 / 5505卷

关键词：

D O I：

暂无

中图分类号：

TP301 [理论、方法];

学科分类号：

081202 ;

摘要：

Role-Based Access Control (RBAC) has been widely used for expressing access control policies. Administrative Role-Based Access Control (ARBAC) specifies how an RBAC policy may be changed by each administrator. Because sequences of changes by different administrators may interact in unintended ways, it is often difficult to fully understand the effect of an ARBAC policy by simple inspection. This paper presents RBAC-PAT, a tool for analyzing RBAC and ARBAC policies, which supports analysis of various properties including reachability, availability, containment, weakest precondition, dead roles, and information flows.

引用

页码：46 / +

页数：2

共 50 条

[21] Policy Analysis for Self-administrated Role-Based Access Control
Ferrara, Anna Lisa
Madhusudan, P.
Parlato, Gennaro
TOOLS AND ALGORITHMS FOR THE CONSTRUCTION AND ANALYSIS OF SYSTEMS, TACAS 2013, 2013, 7795 : 432 - 447
[22] Policy Analysis for Administrative Role Based Access Control without Separate Administration
Yang, Ping
Gofman, Mikhail
Yang, Zijiang
DATA AND APPLICATIONS SECURITY AND PRIVACY XXVII, 2013, 7964 : 49 - 64
[23] Policy analysis for administrative role based access control without separate administration
Yang, Ping
Gofman, Mikhail I.
Stoller, Scott D.
Yang, Zijiang
JOURNAL OF COMPUTER SECURITY, 2015, 23 (01) : 1 - 29
[24] PAT: A postmortem object access pattern analysis and visualization tool
Fang, WJ
Wang, CL
Zhu, WZ
Lau, FCM
2004 IEEE INTERNATIONAL SYMPOSIUM ON CLUSTER COMPUTING AND THE GRID - CCGRID 2004, 2004, : 379 - 386
[25] A Tool for Access Control Policy Validation
Aqib, Muhammad
Shaikh, Riaz Ahmed
JOURNAL OF INTERNET TECHNOLOGY, 2018, 19 (01): : 157 - 166
[26] RBAC standard rationale - Comments on "A Critique of the ANSI Standard on Role-Based Access Control"
Ferraiolo, David
Kuhn, Rick
Sandhu, Ravi
IEEE SECURITY & PRIVACY, 2007, 5 (06) : 51 - 53
[27] Role-Based Access Control (RBAC) in Java via proxy objects using annotations
Department of Electrical and Computer Engineering, University of Waterloo, Waterloo, ON, Canada
Proc. ACM Symp. Access Control Models Technol. SACMAT, (79-88):
[28] RBAC-GL: A Role-Based Access Control Gasless Architecture of Consortium Blockchain
Xu, Zhiyu
Jiao, Tengyun
Yang, Lin
Liu, Donghai
Wen, Sheng
Xiang, Yang
ALGORITHMS AND ARCHITECTURES FOR PARALLEL PROCESSING (ICA3PP 2019), PT I, 2020, 11944 : 439 - 453
[29] Spatio Temporal Emergency Role Based Access Control (STEM-RBAC) A Time and Location Aware Role Based Access Control Model with a Break the Glass Mechanism
Georgakakis, Emmanouil
Nikolidakis, Stefanos A.
Vergados, Dimitrios D.
Douligeris, Christos
2011 IEEE SYMPOSIUM ON COMPUTERS AND COMMUNICATIONS (ISCC), 2011,
[30] NIST and industry work together to develop a protection profile for role based access control (RBAC)
不详
JOURNAL OF RESEARCH OF THE NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY, 1998, 103 (02) : 244 - 244

← 1 2 3 4 5 →