An Administrative Model for Relationship-Based Access Control

被引:9
|
作者
Stoller, Scott D. [1 ]
机构
[1] SUNY Stony Brook, Dept Comp Sci, Stony Brook, NY 11794 USA
来源
Data and Applications Security and Privacy XXIX | 2015年 / 9149卷
关键词
ONLINE SOCIAL NETWORKS;
D O I
10.1007/978-3-319-20810-7_4
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Relationship-based access control (ReBAC) originated in the context of social network systems and recently is being generalized to be suitable for general computing systems. This paper defines a ReBAC model, based on Crampton and Sellwood's RPPM model, designed to be suitable for general computing systems. Our ReBAC model includes a comprehensive administrative model. The administrative model is comprehensive in the sense that it allows and controls changes to all aspects of the ReBAC policy. To the best of our knowledge, it is the first comprehensive administrative model for a ReBAC model suitable for general computing systems. The model is illustrated with parts of a sample access control policy for electronic health records in a healthcare network.
引用
收藏
页码:53 / 68
页数:16
相关论文
共 50 条
  • [21] Attribute-Aware Relationship-Based Access Control for Online Social Networks
    Cheng, Yuan
    Park, Jaehong
    Sandhu, Ravi
    [J]. DATA AND APPLICATIONS SECURITY AND PRIVACY XXVIII, 2014, 8566 : 292 - 306
  • [22] A Decision Tree Learning Approach for Mining Relationship-Based Access Control Policies
    Bui, Thang
    Stoller, Scott D.
    [J]. SACMAT'20: PROCEEDINGS OF THE 25TH ACM SYMPOSIUM ON ACCESS CONTROL MODELS AND TECHNOLOGIES, 2020, : 167 - 178
  • [23] ReLOG: A Unified Framework for Relationship-Based Access Control over Graph Databases
    Clark, Stanley
    Yakovets, Nikolay
    Fletcher, George
    Zannone, Nicola
    [J]. DATA AND APPLICATIONS SECURITY AND PRIVACY XXXVI, DBSEC 2022, 2022, 13383 : 303 - 315
  • [24] On Feasibility of Attribute-Aware Relationship-Based Access Control Policy Mining
    Chakraborty, Shuvra
    Sandhu, Ravi
    [J]. DATA AND APPLICATIONS SECURITY AND PRIVACY XXXV, 2021, 12840 : 393 - 405
  • [25] Mining Relationship-Based Access Control Policies from Incomplete and Noisy Data
    Bui, Thang
    Stoller, Scott D.
    Li, Jiajie
    [J]. FOUNDATIONS AND PRACTICE OF SECURITY, FPS 2018, 2019, 11358 : 267 - 284
  • [26] A relationship-based approach to model integration
    Chechik, Marsha
    Nejati, Shiva
    Sabetzadeh, Mehrdad
    [J]. INNOVATIONS IN SYSTEMS AND SOFTWARE ENGINEERING, 2012, 8 (01) : 3 - 18
  • [27] Higher-Order Relationship-Based Access Control: A Temporal Instantiation with IoT Applications
    Arora, Chahal
    Rizvi, Syed Zain R.
    Fong, Philip W. L.
    [J]. PROCEEDINGS OF THE 27TH ACM SYMPOSIUM ON ACCESS CONTROL MODELS AND TECHNOLOGIES, SACMAT 2022, 2022, : 223 - 234
  • [28] Learning Relationship-Based Access Control Policies from Black-Box Systems
    Iyer, Padmavathi
    Masoumzadeh, Amirreza
    [J]. ACM TRANSACTIONS ON PRIVACY AND SECURITY, 2022, 25 (03)
  • [29] A relationship-based approach to model integration
    Marsha Chechik
    Shiva Nejati
    Mehrdad Sabetzadeh
    [J]. Innovations in Systems and Software Engineering, 2012, 8 (1) : 3 - 18
  • [30] A Relationship-Based Approach to Model Management
    Chechik, Marsha
    [J]. MOMPES: 2009 ICSE WORKSHOP ON MODEL-BASED METHODOLOGIES FOR PERVASIVE AND EMBEDDED SOFTWARE, 2009, : 1 - 1
12345