Solving the user-role reachability problem in ARBAC with role hierarchy

Abstract : Access Control is becoming increasingly important for today's ubiquitous systems since it provides mechanism to prevent sensitive resources in the systems against unauthorized users. In access control models, the administration of access control policies is an important task that raises a crucial analysis problem: if a set of administrators can give a user an unauthorized access permission. We consider the analysis problem in the context of the Administrative Role-Based Access Control (ARBAC), the most widespread administrative model. One of the main assumptions of current analysis techniques is that the role hierarchy is constant and thus can be abstracted away that results in the bad scalability of analysis techniques. In this paper, we introduce three reductions to enable an available analysis technique, namely ASASPXL, to handle the user-role reachability problem with the presence of role hierarchy. An extensive experimentation reports the superiority of our reductions in comparison with the approach used in the literature.
Document type :
Conference papers
Complete list of metadatas

https://hal-cea.archives-ouvertes.fr/cea-01809216
Contributor : Léna Le Roy <>
Submitted on : Wednesday, June 6, 2018 - 3:07:10 PM
Last modification on : Wednesday, September 4, 2019 - 1:40:15 PM

Identifiers

Collections

Citation

Anh Truong, Dai Hai Ton That. Solving the user-role reachability problem in ARBAC with role hierarchy. 2016 International Conference on Advanced Computing and Applications (ACOMP), Nov 2016, Can Tho City, Vietnam. pp 3-10, 7809549, ⟨10.1109/ACOMP.2016.011⟩. ⟨cea-01809216⟩

Share

Metrics

Record views

74