Specifying role-based access constraints with object constraint language

Hua Wang*, Yanchun Zhang, Jinli Cao, Jian Yang

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

6 Citations (Scopus)


Constraints are an important aspect of role-based access control (RBAC). Constraints have to be satisfied when an administrator wants to assign (revoke) a role to a user or a permission to a role. The importance of constraints associated with user-role assignments and permission-role assignments in RBAC has been recognized but the modelling of these constraints has not been received much attention. In this paper we use a de facto constraints specification language in software engineering to analyze the constraints in user-role assignments and permission-role assignments. We show how to represent role-based access constraints with object constraint language (OCL) and discuss the future work. Finally, comparisons with other related work are presented.

Original languageEnglish
Pages (from-to)687-696
Number of pages10
JournalLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Publication statusPublished - 2004
Externally publishedYes


Dive into the research topics of 'Specifying role-based access constraints with object constraint language'. Together they form a unique fingerprint.

Cite this