Using π-Calculus to Formalize Domain Administration of RBAC

  • Yahui Lu
  • Li Zhang
  • Yinbo Liu
  • Jiaguang Sun
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3903)


With the wide implementations of Role-based access control (RBAC) models in the information systems, the access control for RBAC itself, administration of RBAC, becomes more and more important. In this paper, we propose a Domain Administration of RBAC Model, DARBAC, which defines an administrative domain for each administrative role. The administrative role can execute administrative operations on the users, roles, objects and child administrative roles within its administrative domain. Then we use π-calculus to formalize the elements of DARBAC model and their interactions. Although π-calculus has been successfully used in many security areas such as protocol analysis and information flow analysis, as we have known, our approach is the first attempt to use π-calculus to formalize RBAC and its administrative model.


Role Process Access Port Access Control Model Administrative Domain Operation Port 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Rolebased access control models. IEEE Computer 29(2), 38–47 (February 1996)Google Scholar
  2. 2.
    Ferraiolo, D.F., Sandhu, R., Gavrila, S., Kuhn, D.R., Chandramouli, R.: Proposed NIST Standard for Role-Based Access Control. ACM Transactions on Information and System Security 4(3), 224–274 (August 2001)CrossRefGoogle Scholar
  3. 3.
    Sandhu, R.S., Bhamidipati, V., Munawer, Q.: The ARBAC 1997 Model for Role-Based Administration of Roles. ACM Transactions on Information and Systems Security 2(1), 105–135 (1999)CrossRefGoogle Scholar
  4. 4.
    Oh, S., Sandhu, R.S.: A model for role administration using organization structure. SACMAT 2002, 155–162 (2002)Google Scholar
  5. 5.
    Crampton, J., Loizou, G.: Administrative scope: A foundation for rolebased administrative models. ACM Transactions on Information and System Security 6(2), 201–231 (2003)CrossRefGoogle Scholar
  6. 6.
    Wedde, H.F., Lischka, M.: Modular Authorization and Administration. ACM Transactions on Information and System Security 7(3), 363–391 (2004)CrossRefGoogle Scholar
  7. 7.
    Koch, M., Mancini, L.V., Parisi-Presicce, F.: A Graph based Formalism for RBAC. ACM Trans. Information and System Security 5(3), 332–365 (2002)CrossRefGoogle Scholar
  8. 8.
    Koch, M., Mancini, L.V., Parisi-Presicce, F.: Administrative scope in the graph-based framework. SACMAT 2004, 97–104 (2004)Google Scholar
  9. 9.
    Milner, R., Parrow, J., Walker, D.: A Calculus of Mobile Processes, Part I/II. Journal of Information and Computation 100(1), 1–77 (1992)MATHCrossRefMathSciNetGoogle Scholar
  10. 10.
    Parrow, J.: An Introduction to the Pi calculus. Handbook of Process Algebra, pp. 479–543. Elsevier, Amsterdam (2001)Google Scholar
  11. 11.
    Sangiorgi, D., Walker, D.: The pi calculus: A theory of Mobile Processes. Cambridge University Press, Cambridge (2001)MATHGoogle Scholar
  12. 12.
    Abadi, M., Gordon, A.D.: A Calculus for Cryptographic Protocols: The Spi Calculus. In: ACM Conference on Computer and Communications Security, pp. 36–47 (1997)Google Scholar
  13. 13.
    Hennessy, M., Riely, J.: Information Flow vs. Resource Access in the Asynchronous Pi-Calculus. ACM Transactions on Programming Languages and Systems 24(5), 566–591 (2002)CrossRefGoogle Scholar
  14. 14.
    Padget, J.A., Bradford, R.J.: A pi-calculus Model of a Spanish Fish Market - Preliminary Report. In: Noriega, P., Sierra, C. (eds.) AMET 1998 and AMEC 1998. LNCS, vol. 1571, pp. 166–188. Springer, Heidelberg (1999)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Yahui Lu
    • 1
    • 2
  • Li Zhang
    • 1
  • Yinbo Liu
    • 1
    • 2
  • Jiaguang Sun
    • 1
    • 2
  1. 1.School of SoftwareTsinghua UniversityBeijingChina
  2. 2.Department of Computer Science and TechnologyTsinghua UniversityBeijingChina

Personalised recommendations