CT-RBAC: A temporal RBAC model with conditional periodic time

Many emerging applications show need for a fine-grained context based access control requirements. The Generalized Temporal RBAC model has been proposed to capture fine-grained time-based access control requirements using periodic time expression to capture recurring intervals of time. In this paper, we present Conditional Temporal RBAC (CT-ABAC) model that extends CT-RBAC model by extending the periodic time expression. In particular, the extension allows fine-grained extension to capture other logical conditions that restricts the validity of the temporal constraints. CT-RBAC uses a symbolic representation of conditional periodic time that can be used to define set of conditions to qualify the components of a periodic time expression, using the concurrent transaction logic. Because of the conditional set introduced, CT-RBAC extends the time control dimension to the < condition, time > controlplane and the < time, constraint > plane of the GTPBAC framework to the < condition, time, constraint > three-dimensional control space, thus providing more flexibility in the access control model. We analyze conflicts introduced by the constraint set and the complexity of evaluating the conditional set.