skip to main content
10.1145/1501434.1501487acmotherconferencesArticle/Chapter ViewAbstractPublication PagespstConference Proceedingsconference-collections
research-article

Constraint based role based access control (CRBAC) for restricted administrative delegation constraints in the SECTET

Published: 30 October 2006 Publication History

Abstract

To guarantee the consistency and integrity of dynamic constraints, this paper extends our Constraint based Role Based Access Control (CRBAC) [1] model for the concept of Administrative RBAC (ARBAC) [14] with the specification of dynamic administrative constraints at a higher level of abstraction. The CRBAC uses SECTET-PL, a predicative language for the specification of access rights based on the concepts of RBAC. SECTET-PL is part of the SECTET-framework for model-driven security for B2B workflows.

References

[1]
M. Alam, M. Hafner, and R. Breu. A Constraint based Role Based Access Control in the SECTET A Model-Driven Approach. To Appear in PST 2006.
[2]
M. Alam, M. Hafner, and R. Breu. Modeling Authorization in a SOA based Application Scenario. IASTED Software Engineering 2006, ISBN: 0-88986-572-8.
[3]
http://wikipedia.org/.
[4]
M. Alam et al. MA Framework for Modeling Restricted Delegation in Service Oriented Architecture. To Appear in Trust Bus 2006.
[5]
M. Alam et al. Model Driven Security for Web Services (MDS4WS). INMIC 2004, Digi Obj Id 10.1109/IN-MIC.2004.1492930.
[6]
M. Alam et al. Modeling Permissions in a (U/X)ML World. In IEEE ARES 2006, ISBN: 0-7695-2567-9.
[7]
M. Hafner et al. Modeling Inter-organizational Workflow Security in a Peer-to-Peer Environment. IEEE ICWS 2005, ISBN: 0-7695-2409-5.
[8]
M. Hafner et al. "SECTET An Extensible Framework for the Realization of Secure Inter-Organizational Workflows". Accepted for ICEIS 2006.
[9]
Model Driven Architecture. http://www.omg.org/mda.
[10]
Meta Object Facility: OMG Adapted Specification available at. http://www.omg.org/docs/ptc/04-10-15.pdf.
[11]
UML 2.0 OCL Specification. http://www.omg.org/docs/ptc/03-10-14.pdf.
[12]
R. Breu et al. Model Driven Security for Inter-Organizational Workflows in e-Government. TCGOV 2005, Proceedings. ISBN 3-540-25016-6.
[13]
R. Breu et al. Web service engineering - advancing a new software engineering discipline. ICWE 2005, LNCS 3579.
[14]
R. Sandhu and Q. Munawer. The ARBAC99 Model for Administration of Roles. acsac, p. 229, 15th Annual Computer Security Applications Conference (ACSAC '99), 1999.
[15]
www.sectet.org. Will be on Air by the end of May 2006.

Cited By

View all
  • (2018)Not Ready for Prime TimeInternational Journal of Secure Software Engineering10.4018/jsse.20111001042:4(49-61)Online publication date: 13-Dec-2018
  • (2013)Not Ready for Prime TimeDeveloping and Evaluating Security-Aware Software Systems10.4018/978-1-4666-2482-5.ch005(77-90)Online publication date: 2013
  • (2011)Security in Model Driven DevelopmentProceedings of the 2011 Sixth International Conference on Availability, Reliability and Security10.1109/ARES.2011.110(704-709)Online publication date: 22-Aug-2011
  1. Constraint based role based access control (CRBAC) for restricted administrative delegation constraints in the SECTET

    Recommendations

    Comments

    Information & Contributors

    Information

    Published In

    cover image ACM Other conferences
    PST '06: Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services
    October 2006
    389 pages
    ISBN:1595936041
    DOI:10.1145/1501434
    Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

    In-Cooperation

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Publication History

    Published: 30 October 2006

    Permissions

    Request permissions for this article.

    Check for updates

    Author Tags

    1. administrative role based access control
    2. model-driven architecture
    3. permission-level delegation
    4. service oriented architectures

    Qualifiers

    • Research-article

    Conference

    PST06
    PST06: International Conference on Privacy, Security and Trust
    October 30 - November 1, 2006
    Ontario, Markham, Canada

    Contributors

    Other Metrics

    Bibliometrics & Citations

    Bibliometrics

    Article Metrics

    • Downloads (Last 12 months)0
    • Downloads (Last 6 weeks)0
    Reflects downloads up to 20 Feb 2025

    Other Metrics

    Citations

    Cited By

    View all
    • (2018)Not Ready for Prime TimeInternational Journal of Secure Software Engineering10.4018/jsse.20111001042:4(49-61)Online publication date: 13-Dec-2018
    • (2013)Not Ready for Prime TimeDeveloping and Evaluating Security-Aware Software Systems10.4018/978-1-4666-2482-5.ch005(77-90)Online publication date: 2013
    • (2011)Security in Model Driven DevelopmentProceedings of the 2011 Sixth International Conference on Availability, Reliability and Security10.1109/ARES.2011.110(704-709)Online publication date: 22-Aug-2011

    View Options

    Login options

    View options

    PDF

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader

    Figures

    Tables

    Media

    Share

    Share

    Share this Publication link

    Share on social media