Reference : GemRBAC-DSL: a High-level Specification Language for Role-based Access Control Policies
Reports : Internal report
Engineering, computing & technology : Computer science
Security, Reliability and Trust
http://hdl.handle.net/10993/27171
GemRBAC-DSL: a High-level Specification Language for Role-based Access Control Policies
English
Ben Fadhel, Ameni mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
Bianculli, Domenico mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
Briand, Lionel mailto [University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > >]
Apr-2016
SnT Centre - University of Luxembourg
978-2-87971-151-5
TR-SNT-2016-4
[en] A role-based access control (RBAC) policy restricts a user to perform operations based on her role within an organization. Several RBAC models have been proposed to represent different types of RBAC policies. However, the expressiveness of these models has not been matched by specification languages for RBAC policies. Indeed, existing policy specification languages do not support all the types of RBAC policies defined in the literature.
In this paper we aim to bridge the gap between highly-expressive RBAC models and policy specification languages, by presenting GemRBAC-DSL, a new specification language designed on top of an existing, generalized conceptual model for RBAC. The language sports a syntax close to natural language, to encourage its adoption among practitioners. We also define semantic checks to detect conflicts and inconsistencies among the policies written in a GemRBAC-DSL specification. We show how the semantics of GemRBAC-DSL can be expressed in terms of an existing formalization of RBAC policies as OCL (Object Constraint Language) constraints on the corresponding RBAC conceptual model. This formalization paves the way to define a model-driven approach for the enforcement of policies written in GemRBAC-DSL.
http://hdl.handle.net/10993/27171

File(s) associated to this reference

Fulltext file(s):

FileCommentaryVersionSizeAccess
Open access
SnT-TR-2016-4.pdfAuthor postprint457.74 kBView/Open

Bookmark and Share SFX Query

All documents in ORBilu are protected by a user license.