Design and specification of role based access control policies

M. Hitchens*, V. Varadharajan

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

23 Citations (Scopus)

Abstract

The authors describe a language based approach to the specification of authorisation policies that can be used to support the range of access control policies in commercial object systems. They discuss the issues involved in the design of a language for role based access control systems. The notion of roles is used as a primitive construct within the language. The basic constructs of the language are discussed and the language is used to specify several access control policies such as role based access control; static and dynamic separation of duty delegation and joint action based access policies. The language is flexible and is able to capture meta-level operations, and it is often these features which are significant when it comes to the applicability of an access control system to practical real situations.

Original languageEnglish
Pages (from-to)117-129
Number of pages13
JournalIEE Proceedings: Software
Volume147
Issue number4
DOIs
Publication statusPublished - 2000
Externally publishedYes

Fingerprint Dive into the research topics of 'Design and specification of role based access control policies'. Together they form a unique fingerprint.

Cite this