Abstract
This paper presents Privilege Calculus (PC) as a new approach of knowledge representation for Separation of Duty (SD) in the view of process and intents to improve the reconfigurability and traceability of SD. PC presumes that the structure of SD should be reduced to the structure of privilege and then the regulation of system should be analyzed with the help of forms of privilege.
We are grateful for the supporting of the National Natural Science Foundation of China (NSFC, Project No. 70401001).
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Simon, R., Zurko, M.: Separation of duty in role-based environments. In: Proceedings of the 10th Computer Security Foundations Workshop, pp. 183–194. IEEE Press, New York (1997)
Gligor, V., Gavrila, S., Ferraiolo, D.: On the formal definition of separation-of-duty policies and their composition. In: Proceedings of Symposium on Security and Privacy, pp. 172–183. IEEE Press, New York (1998)
Sandhu, R.: Future Directions in Role-Based Access Control Models. In: Gorodetski, V.I., Skormin, V.A., Popyack, L.J. (eds.) MMM-ACNS 2001. LNCS, vol. 2052, pp. 22–26. Springer, Heidelberg (2001)
Sandhu, R.: Role activation hierarchies. In: Proceedings of the third ACM workshop on role-based access control, pp. 33–40. ACM Press, New York (1998)
Ferraiolo, D.F., Sandhu, R., Gavrila, S., Kuhn, D.R., Chandramouli, R.: Proposed NIST standard for role-based access control. ACM Transactions on Information and System Security 4(3), 224–274 (2001)
Barka, E., Sandhu, R.: Framework for role-based delegation models. In: Proceedings of the 16th Annual Computer Security Applications Conference, pp. 168–176. IEEE Press, New York (2000)
Jaeger, T.: On the increasing importance of constraints. In: Proceedings of the fourth ACM workshop on role-based access control, pp. 33–42. ACM Press, New York (1999)
Schaad, A.: Detecting Conflicts in a Role-based Delegation Model. In: Proceedings of the 17th Annual Computer Security Applications Conference, pp. 117–126. IEEE Press, New York (2001)
Jaeger, T., Sailer, R., Zhang, X.: Resolving constraint conflicts. In: Proceedings of the 9th ACM symposium on Access control models and technologies, pp. 105–114. ACM Press, New York (2004)
Milner, R.: Communicating and Mobile Systems: the π-Calculus. Cambridge University Press, Cambridge (1999)
Sandhu, R., Coyne, E., Feinstein, H., Youman, C.: Role-Based Access Control Models. Computer 29(2), 38–47 (1996)
Sandhu, R., Bhamidipati, V., Munawer, Q.: The ARBAC97 model for role-based administration of roles. ACM Transactions on Information and System Security 2(1), 105–135 (1999)
Oh, S., Park, S.: Task-role-based access control model. Information Systems 28(6), 533–562 (2003)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lv, C., Wang, J., Liu, L., You, W. (2008). The Separation of Duty with Privilege Calculus . In: Wang, G., Li, T., Grzymala-Busse, J.W., Miao, D., Skowron, A., Yao, Y. (eds) Rough Sets and Knowledge Technology. RSKT 2008. Lecture Notes in Computer Science(), vol 5009. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-79721-0_57
Download citation
DOI: https://doi.org/10.1007/978-3-540-79721-0_57
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-79720-3
Online ISBN: 978-3-540-79721-0
eBook Packages: Computer ScienceComputer Science (R0)