Abstract
Constraints are an important aspect of role-based access control (RBAC). Constraints have to be satisfied when an administrator wants to assign (revoke) a role to a user or a permission to a role. The importance of constraints associated with user-role assignments and permission-role assignments in RBAC has been recognized but the modelling of these constraints has not been received much attention. In this paper we use a de facto constraints specification language in software engineering to analyze the constraints in user-role assignments and permission-role assignments. We show how to represent role-based access constraints with object constraint language (OCL) and discuss the future work. Finally, comparisons with other related work are presented.
Original language | English |
---|---|
Pages (from-to) | 687-696 |
Number of pages | 10 |
Journal | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
Volume | 3007 |
Publication status | Published - 2004 |
Externally published | Yes |