NDLI: Formal Z Specifications of Several Flat Role-Based Access Control Models

Content Provider	IEEE Xplore Digital Library
Author	Abdallah ,. A.E. Khayat, E.J.
Copyright Year	2006
Description	Author affiliation: E-Security Res. Centre, London Bank Univ. (Abdallah , A.E.; Khayat, E.J.)
Abstract	Role-based access control (RBAC) is a high level authorization mechanism in which access decisions are based on the roles that users hold within an organization. Because RBAC offers scalability, consistency and ease of maintenance, it is very useful, particularly for large organizations. RBAC has been used to describe authorization in a wide variety of applications ranging from operating systems and databases to complex information systems. Despite its widespread adoption, however, there doesn't seem to be a common agreement on the semantics of even key RBAC concepts. For examples, the definitions of fundamental terms such as subject, principal, role, task, and permission have been open to many different and sometimes inconsistent interpretations. This paper attempts to clarify and define essential RBAC concepts. Based on these definitions, a variety of state-based flat role based access control models are developed. These models have increasing degrees of complexity and are formulated in the specification notation Z. The starting point is a core RBAC model which, in turn, is successively refined into a series of flat RBAC models with increasing levels of details. The semantics of each model is captured by giving a precise formulation of its corresponding reference monitor which makes access control decisions
Sponsorship	IEEE TCSE NASA Goddard Space Flight Center NASA Software Eng Lab
Starting Page	282
Ending Page	292
File Size	210543
Page Count	11
File Format	PDF
ISBN	0769526241
ISSN	15506215
DOI	10.1109/SEW.2006.20
Language	English
Publisher	Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Publisher Date	2006-04-24
Publisher Place	USA
Access Restriction	Subscribed
Rights Holder	Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Subject Keyword	Access control Permission Authorization Monitoring Operating systems Security Scalability Databases Information systems Bridges Z specification. Role-Based Access Control Formal Models
Content Type	Text
Resource Type	Article

Sl.	Authority	Responsibilities	Communication Details
1	Ministry of Education (GoI), Department of Higher Education	Sanctioning Authority	https://www.education.gov.in/ict-initiatives
2	Indian Institute of Technology Kharagpur	Host Institute of the Project: The host institute of the project is responsible for providing infrastructure support and hosting the project	https://www.iitkgp.ac.in
3	National Digital Library of India Office, Indian Institute of Technology Kharagpur	The administrative and infrastructural headquarters of the project	Dr. B. Sutradhar bsutra@ndl.gov.in
4	Project PI / Joint PI	Principal Investigator and Joint Principal Investigators of the project	Dr. B. Sutradhar bsutra@ndl.gov.in Prof. Saswat Chakrabarti will be added soon
5	Website/Portal (Helpdesk)	Queries regarding NDLI and its services	support@ndl.gov.in
6	Contents and Copyright Issues	Queries related to content curation and copyright issues	content@ndl.gov.in
7	National Digital Library of India Club (NDLI Club)	Queries related to NDLI Club formation, support, user awareness program, seminar/symposium, collaboration, social media, promotion, and outreach	clubsupport@ndl.gov.in
8	Digital Preservation Centre (DPC)	Assistance with digitizing and archiving copyright-free printed books	dpc@ndl.gov.in
9	IDR Setup or Support	Queries related to establishment and support of Institutional Digital Repository (IDR) and IDR workshops	idr@ndl.gov.in