Research on an RBAC Model Based on Logic Programs
Abstract
Role-Based Access Control (RBAC) is currently the predominant model in the access control field. Compared with traditional access control models, it effectively reduces the cost of security administration and substantially improves system efficiency. However, in complex application environments, some limitations and shortcomings of the RBAC model itself have gradually surfaced. This dissertation studies a number of these problems and presents a framework based on answer set programming (ASP) to address them. The main contributions are as follows:
     1. An ASP-based RBAC formalization framework. Because RBAC lacks a formal framework to support knowledge representation and reasoning, the formulation, enforcement and maintenance of access control rules are all error-prone, which introduces many security risks. We formalize the four major model components of the ANSI RBAC reference model in ASP, and illustrate with examples that this framework supports the formulation and enforcement of access control rules well.
     2. An ASP-based authorization framework that lets RBAC support complex policies and combinations of policies. An access control policy is a combination of rules, and support for complex policies ensures that authorization decisions can be reasoned about and enforced. We first propose an ASP-based RBAC model with negative authorization, extending the ANSI RBAC standard to support negative authorization policies. We then formalize each of the four major groups of policies and integrate them into an authorization framework that flexibly supports the various kinds of access control policies. Finally, we prove the safety and feasibility of this framework.
     3. An ASP-based approach to the Inter-domain Role Mapping (IDRM) problem. We extend the RBAC formalization framework so that it effectively supports inter-domain role mapping in distributed environments. Based on ASP, we draw on the graph coloring problem to propose a method for solving the IDRM problem. Finally, we discuss the conflicts introduced by inter-domain role mapping and give rules for conflict resolution.
    [170] Mohammad A Al-Kahtani, Ravi Sandhu. A model for attribute-based user-role assignmen-t[C]. Computer Security Applications Conference,2002. Proceedings.18th Annual. IEEE,2002,353–362
    [171] David Chadwick, Alexander Otenko, Edward Ball. Role-based access control with X.509attribute certificates[J]. Internet Computing, IEEE.2003,7(2):62–69
    [172] Eric Yuan, Jin Tong. Attributed based access control (ABAC) for web services[C]. WebServices,2005. ICWS2005. Proceedings.2005IEEE International Conference on. IEEE,2005
    [173] DRichard Kuhn, Edward J Coyne, Timothy R Weil. Adding attributes to role-based accesscontrol[J]. Computer.2010,43(6):79–81
    [174] Ed Coyne, Tim Weil. An RBAC implementation and interoperability standard: The INCITScyber security1.1model[J]. Security&Privacy, IEEE.2008,6(1):84–87
    [175] Jinwei Hu, Ruixuan Li, Zhengding Lu. Establishing RBAC-based secure interoperabilityin decentralized multi-domain environments. Information Security and Cryptology-ICISC2007, Springer,2007.49–63
    [176] Sylvia Osborn. Integrating role graphs: a tool for security integration[J]. Data&KnowledgeEngineering.2002,43(3):317–333
    [177] Khalifa Toumi, Ana Cavalli, Mazen El Maarabani. Role based interoperability security poli-cies in collaborative systems[C]. Collaboration Technologies and Systems (CTS),2012In-ternational Conference on. IEEE,2012,471–477
    [178] Fre′de′ric Cuppens, Nora Cuppens-Boulahia, Ce′line Coma. O2O: Virtual private organiza-tions to manage security policy interoperability. Information Systems Security, Springer,2006.101–115
    [179] A Abou El Kalam, Yves Deswarte, Amine Baina, Mohamed Kaaniche. Access control forcollaborative systems: A web services based approach[C]. Web Services,2007. ICWS2007.IEEE International Conference on. IEEE,2007,1064–1071