Access Control and Obligations in the Category-Based Metamodel: A Rewrite-Based Semantics

Thumbnail Image
Date
2015
Authors
Sandra Alves
Degtyarev,A
Fernandez,M
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
We define an extension of the category-based access control (CBAC) metamodel to accommodate a general notion of obligation. Since most of the well-known access control models are instances of the CBAC metamodel, we obtain a framework for the study of the interaction between authorisation and obligation, such that properties may be proven of the metamodel that apply to all instances of it. In particular, the extended CBAC metamodel allows security administrators to check whether a policy combining authorisations and obligations is consistent.
Description
Keywords
Citation