LATPub426: Unterschied zwischen den Versionen
Aus International Center for Computational Logic
Marcel Lippmann (Diskussion | Beiträge) KKeine Bearbeitungszusammenfassung |
Marcel Lippmann (Diskussion | Beiträge) KKeine Bearbeitungszusammenfassung |
||
Zeile 20: | Zeile 20: | ||
}} | }} | ||
{{Publikation Details | {{Publikation Details | ||
|Abstract=Role Based Access Control (RBAC) is a methodology for providing users in an IT system
| |Abstract=Role Based Access Control (RBAC) is a methodology for providing users in an IT system specific permissions like write or read to users. It abstracts from specific users and binds permissions to user roles. Similarly, one can abstract from specific documents and bind permission to document types. | ||
In this paper, we apply Description Logics (DLs) to formalize RBAC. We provide
| In this paper, we apply Description Logics (DLs) to formalize RBAC. We provide a thorough discussion on different possible interpretations of RBAC matrices and how DLs can be used to capture the RBAC constraints. We show moreover that with DLs, we can express more intended constraints than it can be done in the common RBAC approach, thus proving the benefit of using DLs in the RBAC setting. For deriving additional constraints, we introduce a strict methodology, based on attribute exploration method known from Formal Concept Analysis. The attribute exploration allows to systematically finding unintended implications and to deriving constraints and making them explicit. Finally, we apply our approach to a real-life example. | ||
|ISBN= | |ISBN= | ||
|ISSN= | |ISSN= |
Aktuelle Version vom 25. März 2015, 16:34 Uhr
Access Policy Design Supported by FCA Methods
Frithjof DauFrithjof Dau, Martin KnechtelMartin Knechtel
Frithjof Dau, Martin Knechtel
Access Policy Design Supported by FCA Methods
In Frithjof Dau and Sebastian Rudolph, eds., Proceedings of the 17th International Conference on Conceptual Structures, (ICCS 2009), volume 5662 of Lecture Notes in Computer Science, 141-154, 2009
Access Policy Design Supported by FCA Methods
In Frithjof Dau and Sebastian Rudolph, eds., Proceedings of the 17th International Conference on Conceptual Structures, (ICCS 2009), volume 5662 of Lecture Notes in Computer Science, 141-154, 2009
- KurzfassungAbstract
Role Based Access Control (RBAC) is a methodology for providing users in an IT system specific permissions like write or read to users. It abstracts from specific users and binds permissions to user roles. Similarly, one can abstract from specific documents and bind permission to document types. In this paper, we apply Description Logics (DLs) to formalize RBAC. We provide a thorough discussion on different possible interpretations of RBAC matrices and how DLs can be used to capture the RBAC constraints. We show moreover that with DLs, we can express more intended constraints than it can be done in the common RBAC approach, thus proving the benefit of using DLs in the RBAC setting. For deriving additional constraints, we introduce a strict methodology, based on attribute exploration method known from Formal Concept Analysis. The attribute exploration allows to systematically finding unintended implications and to deriving constraints and making them explicit. Finally, we apply our approach to a real-life example. - Forschungsgruppe:Research Group: AutomatentheorieAutomata Theory
@inproceedings{ DaKn-ICCS-09,
author = {Frithjof {Dau} and Martin {Knechtel}},
booktitle = {Proceedings of the 17th International Conference on {C}onceptual {S}tructures, {(ICCS 2009)}},
editor = {Frithjof {Dau} and Sebastian {Rudolph}},
pages = {141--154},
series = {Lecture Notes in Computer Science},
title = {Access Policy Design Supported by {FCA} Methods},
volume = {5662},
year = {2009},
}