Abstract
Role-based access control (RBAC) has been proposed as an alternative solution for expressing access control policies. The generalized temporal RBAC (GTRBAC) extends RBAC by adding time in order to support timed based access control policies. However, GTRBAC does not address certain issues of concurrency such as, synchronization. We propose an approach to the expressions of time and concurrency in RBAC based on timed Petri nets. A formal verification method for access control policies is also proposed.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Sandhu, R., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-Based Access Control Models. Computer 29(2), 38–47 (1996)
Peterson, J.L.: Petri Nets. Computing Surveys 9(3), 223–252 (1977)
Ghezzi, C., Mandrioli, D., Morasca, S., Pezze, M.: A General Way to Put Time in Petri Nets, pp. 60–67 (1989)
Merlin, P.M., Farber, D.J.: Recoverability of Communication Protocols - Implications of a Theoretical Study. IEEE Transactions on Communications 24(9), 1036–1043 (1976)
Coolahan, J.E., Roussopoulos, N.: Timing Requirements for Time Driven Systems using Augmented Petri Nets. IEEE Transaction on Software Engineering 9(5), 603–616 (1983)
Stotts Jr., P.D., Pratt, T.W.: Hierarchical Modelling of Software Systems with Timed Petri Nets. In: Proceedings of the 1st International Workshop on Timed Petri Nets, pp. 32–39. IEEE Press, New York (1985)
Joshi, J., Bertino, E., Ghafoor, A.: An Analysis of Expressiveness and Design Issues for the Generalized Temporal Role-Based Access Control Model. IEEE Transactions on Dependable and Secure Computing 2(2), 157–175 (2005)
Petri Net Tools, http://www.informatik.uni-hamburg.de/TGI/PetriNets/tools/
Jűngel, M., Kindler, E., Weber, M.: Towards a Generic Interchange Format for Petri Nets, http://www.daimi.au.dk/pn2000/Interchange/papers/pos_01_final.pdf
Arcoverde Jr., A., Alves Jr., G., Lima, R.: Petri Nets Tools Integration through Eclipse. In: Proceedings of the 2005 OOPSLA Workshop on Eclipse Technology Exchange, pp. 90–94. IEEE Press, New York (2005)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Chiang, CC., Bayrak, C. (2009). Concurrency and Time in Role-Based Access Control. In: Park, J.H., Zhan, J., Lee, C., Wang, G., Kim, Th., Yeo, SS. (eds) Advances in Information Security and Its Application. ISA 2009. Communications in Computer and Information Science, vol 36. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-02633-1_5
Download citation
DOI: https://doi.org/10.1007/978-3-642-02633-1_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-02632-4
Online ISBN: 978-3-642-02633-1
eBook Packages: Computer ScienceComputer Science (R0)