17th International Workshop on Database and Expert Systems Applications (DEXA'06) (2006)
Sept. 4, 2006 to Sept. 8, 2006
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/DEXA.2006.68
Raman Adaikkalavan , The University of Texas at Arlington, USA
Sharma Chakravarthy , The University of Texas at Arlington, USA
Role-Based Access Control, where object accesses are controlled by roles (or job functions) is a more feasible alternative to traditional access control mechanisms. Constraints play a critical role in realizing and providing finegrained RBAC in diverse domains such as P2P and Grid Computing. In this paper, we have shown how events and authorization rules are used to provide fine-grained RBAC. First, simple events are identified for the RBAC domain. Second, various event operators for modeling constraints such as precedence, non-occurrence, dependency and their combinations are introduced. Third, how eventbased RBAC policies are specified using both simple and complex events are discussed. Finally, how the proposed fine-grained RBAC policies can be exploited for P2P resource management is discussed.
S. Chakravarthy and R. Adaikkalavan, "How to Use Events and Rules for Supporting Role-Based Security? (Invited Paper)," 17th International Workshop on Database and Expert Systems Applications (DEXA'06)(DEXA), Krakow, Poland, 2006, pp. 698-702.