Dynamic Delegation Based on Temporal Context

详细信息    查看全文

• 作者：Ouarda Bettaz^a ; ^{ouarda.bettaz.nehab@gmail.com" class="auth_mail" title="E-mail the corresponding author} ; Narhimene Boustia^b ; Aicha Mokhtari^c
• 关键词：access control ; delegation ; revocation ; nonmonotonic description logic ; temporal description logic.
• 刊名：Procedia Computer Science
• 出版年：2016
• 出版时间：2016
• 年：2016
• 卷：96
• 期：Complete
• 页码：245-254
• 全文大小：292 K

文摘

Delegation is a very important part of the administrative process in access control systems; it provides resiliency and flexibility regarding to the management procedure. Delegation is the process of granting a specific authorization from a user to another user of the same system to carry out some functions on his behalf. The delegation, although widely used, is modeled in very little security policies because of its complexity. In this paper we aim to consider the delegation dynamically based on temporal context, to this end we redefine delegation for OrBAC using temporal nonmonotonic description logic. OrBAC is an access control model; it provides the mean to specify contextual authorizations, which facilitates modeling delegation features such as temporary delegation, multiple delegation, revocation, etc. The description logic that we use for the re-formalization process is T- JClassic_δɛ. This logic gives the mean to specify nonmonotonic authorizations, and a better representation of the temporal aspects specific to a given delegation. This new representation augments the expressivity of the model and therefore it facilitates even more the representation and the management of the delegation characteristics.