Skip to main content

Advertisement

SpringerLink
Log in
Menu
Find a journal Publish with us Track your research
Search
Cart
Book cover

IFIP Annual Conference on Data and Applications Security and Privacy

DBSec 2007: Data and Applications Security XXI pp 195–210Cite as

  1. Home
  2. Data and Applications Security XXI
  3. Conference paper
Dynamic Event-Based Access Control as Term Rewriting

Dynamic Event-Based Access Control as Term Rewriting

  • Clara Bertolissi2,
  • Maribel Fernández1 &
  • Steve Barker1 
  • Conference paper

  • 1147 Accesses

  • 14 Citations

Part of the Lecture Notes in Computer Science book series (LNISA,volume 4602)

Abstract

Despite the widespread adoption of Role-based Access Control (RBAC) models, new access control models are required for new applications for which RBAC may not be especially well suited and for which implementations of RBAC do not enable properties of access control policies to be adequately defined and proven. To address these issues, we propose a form of access control model that is based upon the key notion of an event. The access control model that we propose is intended to permit the representation of access control requirements in a distributed and changing computing environment, the proving of properties of access control policies defined in terms of our model, and direct implementations for access control checking.

Keywords

  • Access Control
  • Access Control Policy
  • Access Policy
  • Access Control Model
  • Access Request

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Research partially funded by the EU project Implementing access control mechanisms using rewriting techniques, Marie Curie Intra European Fellowships Programme.

Chapter PDF

Download to read the full chapter text

References

  1. Abadi, M., Gordon, A.: A calculus for cryptographic protocols: The spi calculus. In: Proc. 4th ACM Conf. on Computer and Communication Security, pp. 36–47. ACM Press, New York (1997)

    Google Scholar 

  2. Abbes, T., Bouhoula, A., Rusinowitch, M.: Protocol analysis in intrusion detection using decision tree. In: Proc. ITCC 2004, pp. 404–408 (2004)

    Google Scholar 

  3. Abendroth, J., Jensen, C.: A unified security mechanism for networked applications. In: Matsui, M., Zuccherato, R.J. (eds.) SAC 2003. LNCS, vol. 3006, pp. 351–357. Springer, Heidelberg (2004)

    Google Scholar 

  4. Baader, F., Nipkow, T.: Term rewriting and all that. Cambridge University Press, Great Britain (1998)

    CrossRef  MATH  Google Scholar 

  5. Bacon, J., Moody, K., Yao, W.: A model of OASIS RBAC and its support for active security. TISSEC 5(4), 492–540 (2002)

    CrossRef  Google Scholar 

  6. Baral, C., Gelfond, M.: Logic programming and knowledge representation. JLP 20, 73–148 (1994)

    CrossRef  MathSciNet  MATH  Google Scholar 

  7. Barker, S., Fernández, M.: Term rewriting for access control. In: Damiani, E., Liu, P. (eds.) Data and Applications Security XX. LNCS, vol. 4127, Springer, Heidelberg (2006)

    CrossRef  Google Scholar 

  8. Barker, S., Stuckey, P.: Flexible access control policy specification with constraint logic programming. ACM Trans. on Information and System Security 6(4), 501–546 (2003)

    CrossRef  Google Scholar 

  9. Barthe, G., Dufay, G., Huisman, M., de Sousa, S.M.: Jakarta: a toolset to reason about the JavaCard platform. In: Attali, S., Jensen, T. (eds.) E-smart 2001. LNCS, vol. 2140, Springer, Heidelberg (2001)

    CrossRef  Google Scholar 

  10. Becker, M., Sewell, P.: Cassandra: Distributed access control policies with tunable expressiveness. In: POLICY 2004, pp. 159–168 (2004)

    Google Scholar 

  11. Bertino, E., Bettini, C., Ferrari, E., Samarati, P.: An access control model supporting periodicity constraints and temporal reasoning. ACM TODS 23(3), 231–285 (1998)

    CrossRef  Google Scholar 

  12. Bertino, E., Bonatti, P., Ferrari, E.: TRBAC: A temporal role-based access control model. In: Proc. 5th ACM Workshop on Role-Based Access Control, pp. 21–30. ACM Press, New York (2000)

    CrossRef  Google Scholar 

  13. Bertino, E., Catania, B., Zarri, G.: Intelligent Database Systems. Addison-Wesley, Reading (2001)

    MATH  Google Scholar 

  14. Borovansky, P., Kirchner, C., Kirchner, H., Moreau, P-E.: ELAN from a rewriting logic point of view. TCS 285, 155–185 (2002)

    CrossRef  MathSciNet  MATH  Google Scholar 

  15. Clavel, M., Durán, F., Eker, S., Lincoln, P., Martí-Oliet, N., Meseguer, J., Talcott, C.: The Maude 2.0 system. In: Nieuwenhuis, R. (ed.) RTA 2003. LNCS, vol. 2706, pp. 76–87. Springer, Heidelberg (2003)

    CrossRef  Google Scholar 

  16. Dershowitz, N., Jouannaud, J.-P.: Rewrite Systems. In: van Leeuwen, J. (ed.) Handbook of Theoretical Computer Science: Formal Methods and Semantics, vol. B, North-Holland, Amsterdam (1989)

    Google Scholar 

  17. De Treville, J.: Binder, a logic-based security language. In: Proc. IEEE Symposium on Security and Privacy, pp. 105–113. IEEE Computer Society Press, Los Alamitos (2002)

    Google Scholar 

  18. Echahed, R., Prost, F.: Security policy in a declarative style. In: Proc. PPDP 2005, ACM Press, New York (2005)

    Google Scholar 

  19. Fernández, M., Jouannaud, J.-P.: Modular termination of term rewriting systems revisited. In: Reggio, G., Astesiano, E., Tarlecki, A. (eds.) Recent Trends in Data Type Specification. LNCS, vol. 906, Springer, Heidelberg (1995)

    CrossRef  Google Scholar 

  20. Jajodia, S., Samarati, P., Sapino, M., Subrahmaninan, V.S.: Flexible support for multiple access control policies. ACM TODS 26(2), 214–260 (2001)

    CrossRef  MATH  Google Scholar 

  21. Jim, T.: SD3: A trust management system with certified evaluation. In: IEEE Symp. Security and Privacy, pp. 106–115. IEEE Computer Society Press, Los Alamitos (2001)

    Google Scholar 

  22. Kirchner, C., Kirchner, H., Vittek, M.: ELAN user manual. Nancy (France), Technical Report 95-R-342, CRIN (1995)

    Google Scholar 

  23. Klop, J.-W.: Term Rewriting Systems. In: Abramsky, S., Gabbay, D.M., Maibaum, T.S.E. (eds.) Handbook of Logic in Computer Science, vol. 2, Oxford University Press, Oxford (1992)

    Google Scholar 

  24. Klop, J.-W., van Oostrom, V., van Raamsdonk, F.: Combinatory reduction systems, introduction and survey. TCS 121, 279–308 (1993)

    CrossRef  MathSciNet  MATH  Google Scholar 

  25. Koch, M., Mancini, L., Parisi-Presicce, F.: A graph based formalism for rbac. In: Proc. SACMAT 2004, pp. 129–187 (2004)

    Google Scholar 

  26. Marriott, K., Stuckey, P.J.: Programming with Constraints: an Introduction. MIT Press, Cambridge (1998)

    MATH  Google Scholar 

  27. Newman, M.H.A.: On theories with a combinatorial definition of equivalence. Annals of Mathematics 43(2), 223–243 (1942)

    CrossRef  MathSciNet  MATH  Google Scholar 

  28. Sandhu, R., Coyne, E., Feinstein, H., Youman, C.: Role-based access control models. IEEE Computer 29(2), 38–47 (1996)

    CrossRef  Google Scholar 

  29. de Oliveira, A.S.: Rewriting-based access control policies. In: Proc. of SECRET 2006. ENTCS, Elsevier, Amsterdam (2007)

    Google Scholar 

  30. Wijesekera, D., Jajodia, S.: Policy algebras for access control the predicate case. In: ACM Conf. on Computer and Communications Security, pp. 171–180. ACM Press, New York (2002)

    Google Scholar 

  31. The XSB System Version 2.7.1, Programmer’s Manual (2005)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. King’s College London, Dept. of Computer Science, London WC2R 2LS, U.K.

    Maribel Fernández & Steve Barker

  2. LIF, Université de Provence, Marseille, France

    Clara Bertolissi

Authors
  1. Clara Bertolissi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Maribel Fernández
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Steve Barker
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Steve Barker Gail-Joon Ahn

Rights and permissions

Reprints and Permissions

Copyright information

© 2007 IFIP International Federation for Information Processing

About this paper

Cite this paper

Bertolissi, C., Fernández, M., Barker, S. (2007). Dynamic Event-Based Access Control as Term Rewriting. In: Barker, S., Ahn, GJ. (eds) Data and Applications Security XXI. DBSec 2007. Lecture Notes in Computer Science, vol 4602. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-73538-0_15

Download citation

  • .RIS
  • .ENW
  • .BIB

  • DOI: https://doi.org/10.1007/978-3-540-73538-0_15

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-73533-5

  • Online ISBN: 978-3-540-73538-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Share this paper

Anyone you share the following link with will be able to read this content:

Sorry, a shareable link is not currently available for this article.

Provided by the Springer Nature SharedIt content-sharing initiative

Publish with us

Policies and ethics

search

Navigation

  • Find a journal
  • Publish with us
  • Track your research

Discover content

  • Journals A-Z
  • Books A-Z

Publish with us

  • Publish your research
  • Open access publishing

Products and services

  • Our products
  • Librarians
  • Societies
  • Partners and advertisers

Our imprints

  • Springer
  • Nature Portfolio
  • BMC
  • Palgrave Macmillan
  • Apress
  • Your US state privacy rights
  • Accessibility statement
  • Terms and conditions
  • Privacy policy
  • Help and support
  • Cancel contracts here

167.114.118.210

Not affiliated

Springer Nature

© 2023 Springer Nature