RelBAC: Relation-Based Access Control

What distinguishes RelBAC from other access control models is the way it models PERMISSION in addition to the basic components such as SUBJECT and OBJECT. The intuition is that a PERMISSION is an operation that users (SUBJECTs) can perform on certain resources (OBJECTs). To capture this intuition a PERMISSION is named with the name of the operation it refers to, e.g., Write, and Read operation or some more high-level operation, e.g., Assign, Manage, etc. In RelBAC, the original form of a verb is used as a PERMISSION name with the first letter capitalized. The generalization (loops) on each components represent IS-A relations. They are the most common and important relations among the knowledge. Groups of SUBJECT and classes of OBJECT are organized with IS-A hierarchies. The most interesting part is the loop on PERMISSION which represents the IS-A relations among named pairs. Modeling a PERMISSION as a set of named pairs allows us to use set theories on PERMISSIONs.

Publications

  • RelBAC: Relation Based Access Control
    Fausto Giunchiglia, Rui Zhang, Bruno Crispo
    Proceedings of the Fourth International Conference on Semantics, Knowledge and Grid. (SKG 2008)
    Beijing, China, December 2008, pages 3-11. [ ps, ps.gz, pdf ]
    Slides [ odp, ppt, pdf (requires a pdf viewer that supports transparent images) ]
  • Using Description Logics in Relation Based Access Control
    Rui Zhang, Alessandro Artale, Fausto Giunchiglia, Bruno Crispo
    Accepted at the 22nd International Workshop on Description Logics. (DL 2009)
    Oxford, United Kingdom, July 2009. [ ps, ps.gz, pdf ]
    Slides [ odp, ppt, pdf (requires a pdf viewer that supports transparent images) ]
  • Relation-Based Access Control: An Access Control Model for Context-aware Computing Environment
    Rui Zhang, Fausto Giunchiglia, Bruno Crispo, Lingyang Song
    To appear in Wireless Personal Communications Journal, Springer 2009. (WPC). [ ps, ps.gz, pdf ]
    Slides [ odp, ppt, pdf (requires a pdf viewer that supports transparent images) ]
  • Ontology Driven Community Access Control
    Fausto Giunchiglia, Rui Zhang, Bruno Crispo
    Proceedings of the Trust and Privacy on the Social and Semantic Web Workshop. (SPOT 2009)
    Heraklion, Greece, June 2009. [ pdf ]
    Slides [ pdf (requires a pdf viewer that supports transparent images) ]

People

Contact

{relbac@disi.unitn.it}

relbac.txt · Last modified: 2014/09/17 17:28 by danilo
CC Attribution-Share Alike 3.0 Unported
www.chimeric.de Valid CSS Driven by DokuWiki do yourself a favour and use a real browser - get firefox!! Recent changes RSS feed Valid XHTML 1.0