Access Control Using Active Rules

  • Raman Adaikkalavan
  • Sharma Chakravarthy
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6121)

Abstract

Access to only authorized resources is provided by access control mechanisms. Active or Event-Condition-Action rules make the underlying systems and applications active by detecting and reacting to changes. In this paper, we show how active rules can be used to enforce Role-Based Access Control (RBAC) standard. First, we analyze different components of active rules and their mappings for enforcing RBAC standard. Second, we discuss how RBAC standard is enforced using active rules. Finally, we discuss how active rules extend RBAC standard to cater to a large class of applications.

Keywords

ECA Rules Role-Based Access Control Event Constraints 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Sandhu, R.S., Coyne, E., Feinstein, H., Youman, C.: Role-Based Access Control Models. IEEE Computer 29(2), 38–47 (1996)CrossRefGoogle Scholar
  2. 2.
    The Economic Impact of Role-Based Access Control, NIST (2002), http://www.nist.gov/director/prog-ofc/report02-1.pdf
  3. 3.
    Role-Based Access Control Case Studies and Experience, NIST, http://csrc.nist.gov/rbac/RBAC-case-studies.html
  4. 4.
    RBAC Standard, ANSI INCITS 359-2004, International Committee for IT Standards (2004)Google Scholar
  5. 5.
    Chen, F., Sandhu, R.S.: Constraints for role-based access control. In: Proc. of the ACM Workshop on RBAC, p. 14. ACM Press, New York (1996)Google Scholar
  6. 6.
    Strembeck, M., Neumann, G.: An integrated approach to engineer and enforce context constraints in RBAC environments. ACM TISSEC 7(3), 392–427 (2004)CrossRefGoogle Scholar
  7. 7.
    Adaikkalavan, R., Chakravarthy, S.: When to Trigger Active Rules?. In: Proc. of the COMAD, Mysore, India (December 2009)Google Scholar
  8. 8.
    Demers, A.J., Gehrke, J., Panda, B., Riedewald, M., Sharma, V., White, W.M.: Cayuga: A general purpose event monitoring system. In: Proc. of the CIDR, pp. 412–422 (2007)Google Scholar
  9. 9.
    Adaikkalavan, R., Chakravarthy, S.: Event Specification and Processing For Advanced Applications: Generalization and Formalization. In: Wagner, R., Revell, N., Pernul, G. (eds.) DEXA 2007. LNCS, vol. 4653, pp. 369–379. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  10. 10.
    Adaikkalavan, R., Chakravarthy, S.: SnoopIB: Interval-Based Event Specification and Detection for Active Databases. DKE 59(1), 139–165 (2006)CrossRefGoogle Scholar
  11. 11.
    Carlson, J., Lisper, B.: An Interval-Based Algebra for Restricted Event Detection. In: Larsen, K.G., Niebert, P. (eds.) FORMATS 2003. LNCS, vol. 2791, pp. 121–133. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  12. 12.
    Paton, N.W.: Active Rules in Database Systems. Springer, New York (1999)CrossRefMATHGoogle Scholar
  13. 13.
    Widom, J., Ceri, S.: Active Database Systems: Triggers and Rules. Morgan Kaufmann Publishers, Inc. (1996)Google Scholar
  14. 14.
    Chakravarthy, S., Krishnaprasad, V., Anwar, E., Kim, S.-K.: Composite Events for Active Databases: Semantics, Contexts, and Detection. In: Proc. of the VLDB, pp. 606–617 (1994)Google Scholar
  15. 15.
    Gatziu, S., Dittrich, K.R.: Events in an Object-Oriented Database System. In: Proc. of the Rules in Database Systems (September 1993)Google Scholar
  16. 16.
    Gehani, N.H., Jagadish, H.V., Shmueli, O.: Composite Event Specification in Active Databases: Model & Implementation. In: Proc. of the VLDB, pp. 327–338 (1992)Google Scholar
  17. 17.
    Chakravarthy, S., Anwar, E., Maugis, L., Mishra, D.: Design of Sentinel: An Object-Oriented DBMS with Event-Based Rules. IST 36(9), 559–568 (1994)Google Scholar
  18. 18.
    Galton, A., Augusto, J.: Two Approaches to Event Definition. In: Hameurlain, A., Cicchetti, R., Traunmüller, R. (eds.) DEXA 2002. LNCS, vol. 2453, pp. 547–556. Springer, Heidelberg (2002)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Raman Adaikkalavan
    • 1
  • Sharma Chakravarthy
    • 2
  1. 1.Computer and Information Sciences & InformaticsIndiana University South BendUSA
  2. 2.Department of Computer Science EngineeringThe University of Texas At ArlingtonUSA

Personalised recommendations