Loading...
| Friend's email | |
| Your name | |
| Your email | |
| enter code | |
This page was sent successfuly
Separation of duty in role-based access control model through fuzzy relations
Takabi, H ; Sharif University of Technology | 2007
532
Viewed
- Type of Document: Article
- DOI: 10.1109/IAS.2007.68
- Publisher: 2007
- Abstract:
- As a security principle, separation of duty (SoD) is widely considered in computer security. In the role-based access control(RBAC) model, separation of duty constraints enforce conflict of interest policies. There are two main types of separation of duty policies in RBAC, Static SoD (SSoD) and Dynamic SoD (DSoD). In RBAC, Statically Mutually Exclusive Role (SMER) constraints are used to enforce Static Separation of Duty policies. Dynamic Separation of duty policies, like SSoD policies, are intended to limit the permissions that are available to a user. However, DSoD policies differ from SSoD policies by the context in which these limitations are imposed. A DSoD policy limits the availability of the permissions over a users permission space by placing constraints on the roles that can be activated within or across a users sessions. Like SMER, in RBAC Dynamically Mutually Exclusive Role (DMER) constraints are used to enforce DSoD policies. We investigated using of a fuzzy approach to address the issue in order to provide a more practical solution. In this paper, we propose a model to express the separation of duty policies in RBAC using the fuzzy set theory. The concept of trustworthiness, which is fuzzy in nature, is used to express this model. In comparison with non-fuzzy methods, our method is more pragmatic and more consistent with the real world. The expressiveness of our method is higher than the nonfuzzy ones. We show expression of some constraints in our method which cannot be expressed by non-fuzzy methods. Applicability of the method is shown through an example of the real world. © 2007 IEEE
- Keywords:
- Control systems ; Fuzzy control ; Fuzzy logic ; Fuzzy sets ; Isomers ; Ketones ; Military data processing ; Security of data ; Security systems ; Separation ; Set theory ; (R ,s ,S) policy ; computer security ; Conflict of interest ; Dynamic Separation of Duty ; Fuzzy approach ; Fuzzy methods ; Fuzzy relations ; Fuzzy set theory (FST) ; In order ; Information Assurance and Security (IAS) ; Practical solutions ; Real world ; Role-based access control (RBAC) models ; Separation of duties ; Statically mutually exclusive role (SMER) constraints ; Access control
- Source: 3rd Internationl Symposium on Information Assurance and Security, IAS 2007, Manchester, 20 August 2007 through 31 August 2007 ; September , 2007 , Pages 125-130 ; 0769528767 (ISBN); 9780769528762 (ISBN)
- URL: https://ieeexplore.ieee.org/document/4299762