Advertisement

TRBACN: A Temporal Authorization Model

  • Steve Barker
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2052)

Abstract

We show how the family of temporal role-based access control (TRBAC) models from [6], the TRBACO models, may be equivalently represented in a considerably simpler and more efficiently implemented way. We call the latter the TRBACN models. To specify TRBACN models, stratified normal clause logic is sufficient. To compute with TRBACN models, any procedural semantics that enables the perfect model of a stratified theory to be generated may be used. Although TRBACN security models have a much simpler representation than TRBACO models, we show that TRBACN and TRBACO models are equivalent in terms of their expressive power.

Keywords

Access Control Policy Access Control Model Deductive Database Definite Clause Security Administrator 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Abiteboul, S., Hull, R., and Vianu, V.: Foundations of Databases. Addison-Wesley (1995)Google Scholar
  2. 2.
    Apt, K., Blair, H., and Walker, A.: Towards a Theory of Declarative Knowledge. In Minker, J. (ed.): Foundations of Deductive Databases and Logic Programming. Morgan-Kaufmann Publishers (1988)Google Scholar
  3. 3.
    Apt, K., and Bezem, M.: Acyclic Programs. New Generation Computing (1990)Google Scholar
  4. 4.
    Apt., K., and Pedreschi., D.: Reasoning about Termination of Pure Prolog Programs. Information and Computation, 106 (1993)Google Scholar
  5. 5.
    Barker, S.: Temporal Authorization in the Simplified Event Calculus. In Atluri V., and Hale, J., Hale J. (eds): Research Advances in Database and Information Systems Security. Kluwer Academic Publishers (2000)Google Scholar
  6. 6.
    Barker, S.: Data Protection by Logic Programming, 1st International Conference on Computational Logic, LNAI 1861, Springer-Verlag (2000)Google Scholar
  7. 7.
    Barker, S.: Secure Deductive Databases. PADL’01 (2001)Google Scholar
  8. 8.
    Bertino, E., Bettini, C., Ferrari, E., and Samarati, P.: A Temporal Access Control Mechanism for Database Systems. IEEE TKDE, 8(1) (1996)Google Scholar
  9. 9.
    Bertino, E., Bettini, C., Ferrari, E., and Samarati, P.: An Access Control Model Supporting Periodicity Constraints and Temporal Reasoning. TODS, 23(3) (1998)Google Scholar
  10. 10.
    Castano, S., Fugini, M., Martella, G., and Samarati, P.: Database Security, Addison Wesley. (1995)Google Scholar
  11. 11.
    Chen, W., Swift, T., and Warren, D.: Efficient Top-Down Computation of Queries Under the Well-Founded Semantics. JLP, 24(3) (1995)Google Scholar
  12. 12.
    Clark, K.: Negation as Failure. In H. Gallaire and J. Minker (eds): Logic and Databases. Plenum (1978)Google Scholar
  13. 13.
    Ferraiolo, D., Cugini, J., and Kuhn, R.: Role-Based Access Control: Features and Motivations. Proc. 11th Annual Computer Security Applications Conf., (1995)Google Scholar
  14. 14.
    Ferraiolo, D., Gilbert, D., and Lynch, N.: An Examination of Federal and Commercial Access Control Policy Needs. Proc. NIST-NCSC National Security Conf. (1993)Google Scholar
  15. 15.
    Lloyd, J.: Foundations of Logic Programming, 2nd Ed., Springer (1987)Google Scholar
  16. 16.
    Przymusinski, T.: Perfect Model Semantics. Proc. 5th ICLP, (1988)Google Scholar
  17. 17.
    Sandhu, R., Coyne, E., Feinstein, H., and Youman, C.: Role-Based Access Control Models. IEEE Computer, (1996)Google Scholar
  18. 18.
    Sandhu, R., Coyne, E., Feinstein, H., and Youman, C.: Role-Based Access Control: A Multi-Dimensional View. Proc. 10th Annual Computer Security Applications Conf. (1994)Google Scholar
  19. 19.
    Thomas, R., and Sandhu, R.: Discretionary Access Control in Object-Oriented Databases: Issues and Research Directions, Proc. 16th National Computer Security Conf. (1993)Google Scholar
  20. 20.
    Van Gelder, A.: Negation as Failure Using Tight Derivations for General Logic Programs. In Minker, J. (ed.): Foundations of Deductive Databases and Logic Programming. Morgan-Kaufmann Publishers (1988)Google Scholar
  21. 21.
    Van Gelder, A., Ross, K., and Schlipf, J.: The Well-Founded Semantics for General Logic Programs. J. ACM, 383) (1991)Google Scholar
  22. 22.
    Vardi, M.: The Complexity of Query Languages. ACM Symp. on the Theory of Computing (May, 1982)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2001

Authors and Affiliations

  • Steve Barker
    • 1
  1. 1.Cavendish School of Computer ScienceUniversity of WestminsterLondonUK

Personalised recommendations