GemRBAC-DSL: a High-level Specification Language for Role-based Access Control Policies

Ben Fadhel, Ameni; Bianculli, Domenico; Briand, Lionel

doi:10.1145/2914642.2914656

Reference : GemRBAC-DSL: a High-level Specification Language for Role-based Access Control Policies


	Document type :	Scientific congresses, symposiums and conference proceedings : Paper published in a book
	Discipline(s) :	Engineering, computing & technology : Computer science
	Focus Areas :	Security, Reliability and Trust
	To cite this reference:	http://hdl.handle.net/10993/26814

Title :	GemRBAC-DSL: a High-level Specification Language for Role-based Access Control Policies
Language :	English
Author, co-author :	Ben Fadhel, Ameni [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
	Bianculli, Domenico [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
	Briand, Lionel [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
Publication date :	Jun-2016
Main document title :	21st ACM Symposium on Access Control Models and Technologies (SACMAT 2016)
Publisher :	ACM
Peer reviewed :	Yes
On invitation :	No
Audience :	International
Event name :	21st ACM SYMPOSIUM ON ACCESS CONTROL MODELS AND TECHNOLOGIES
Event date :	from 06-06-2016 to 08-06-2016
Event organizer :	179-190
Event place (city) :	Shanghai
Event country :	China
Abstract :	[en] A role-based access control (RBAC) policy restricts a user to perform operations based on her role within an organization. Several RBAC models have been proposed to represent different types of RBAC policies. However, the expressiveness of these models has not been matched by specification languages for RBAC policies. Indeed, existing policy specification languages do not support all the types of RBAC policies defined in the literature. In this paper we aim to bridge the gap between highly-expressive RBAC models and policy specification languages, by presenting GemRBAC-DSL, a new specification language designed on top of an existing, generalized conceptual model for RBAC. The language sports a syntax close to natural language, to encourage its adoption among practitioners. We also define semantic checks to detect conflicts and inconsistencies among the policies written in a GemRBAC-DSL specification. We show how the semantics of GemRBAC-DSL can be expressed in terms of an existing formalization of RBAC policies as OCL (Object Constraint Language) constraints on the corresponding RBAC conceptual model. This formalization paves the way to define a model-driven approach for the enforcement of policies written in GemRBAC-DSL.
Research centres :	Interdisciplinary Centre for Security, Reliability and Trust (SnT) > Software Verification and Validation Lab (SVV Lab)
Permalink :	http://hdl.handle.net/10993/26814
DOI :	10.1145/2914642.2914656
FnR project :	FnR ; FNR3949772 > Lionel Briand > VVLAB > Validation and Verification Laboratory > 01/01/2012 > 31/12/2016 > 2010

File(s) associated to this reference

Fulltext file(s):

	File	Commentary	Version	Size	Access
Open access	SACMAT2016.pdf		Author postprint	349.26 kB	View/Open

All documents in ORBi^lu are protected by a user license.

University of Luxembourg Library | Feedback | Legal notices