A Role-Based Administrative Model for Administration of Heterogeneous Access Control Policies and its Security Analysis
Mahendra Pratap Singh,
Shamik Sural,
Jaideep Vaidya and
Vijayalakshmi Atluri
Additional contact information
Mahendra Pratap Singh: Indian Institute of Technology Kharagpur
Shamik Sural: Indian Institute of Technology Kharagpur
Jaideep Vaidya: Rutgers University
Vijayalakshmi Atluri: Rutgers University
Information Systems Frontiers, 2024, vol. 26, issue 6, No 14, 2255-2272
Abstract:
Over the past few years, several efforts have been made to enable specification and enforcement of flexible and dynamic access control policies using traditional access control (such as role based access control (RBAC), etc.) and attribute based access control (ABAC). Recently, a unified framework, named MPBAC (meta-policy based access control), has been developed to enable specification and enforcement of heterogeneous access control policies such as ABAC, RBAC and a combination of policies (such as ABAC and RBAC). However, one significant limitation is that no complete administrative model has been developed for heterogeneous access control policies. In this article, we present a complete role-based administrative model (named as RAMHAC) for managing heterogeneous access control policies. We also introduce a novel methodology for analyzing heterogeneous access control policies in the presence of RAMHAC by modeling the policies through Datalog facts and using the μZ tool. The administrative model includes a wide range of administrative relations, commands, pre-constraints and post-constraints. A comprehensive experimental evaluation demonstrates the scalability of the proposed approach.
Keywords: Security analysis; Fixed-point analysis; ABAC; RBAC; MPBAC; Administrative model
Date: 2024
Downloads: (external link)
http://link.springer.com/10.1007/s10796-021-10167-z Abstract (text/html)
Access to the full text of the articles in this series is restricted.
Persistent link: https://EconPapers.repec.org/RePEc:spr:infosf:v:26:y:2024:i:6:d:10.1007_s10796-021-10167-z
Ordering information: This journal article can be ordered from
http://www.springer.com/journal/10796
DOI: 10.1007/s10796-021-10167-z
Information Systems Frontiers is currently edited by Ram Ramesh and Raghav Rao
Bibliographic data for series maintained by Sonal Shukla and Springer Nature Abstracting and Indexing.