The paper presents a short overview of the foundations of the Role-Based Access Control Modal Model and its properties. In particular, the translation of these model formulae to the first-order logic formulae in a form of Horn's clauses is analysed. The automation of processes and mechanisms related to access control on the basis of logical automated reasoning and the PROLOG language are described.
@article{bwmeta1.element.bwnjournal-article-amcv12i2p269bwm,
author = {Ko\l aczek, Grzegorz},
title = {Application of deontic logic in Role-Based Access Control},
journal = {International Journal of Applied Mathematics and Computer Science},
volume = {12},
year = {2002},
pages = {269-275},
zbl = {1007.68175},
language = {en},
url = {http://dml.mathdoc.fr/item/bwmeta1.element.bwnjournal-article-amcv12i2p269bwm}
}
Kołaczek, Grzegorz. Application of deontic logic in Role-Based Access Control. International Journal of Applied Mathematics and Computer Science, Tome 12 (2002) pp. 269-275. http://gdmltest.u-ga.fr/item/bwmeta1.element.bwnjournal-article-amcv12i2p269bwm/
[000] Barkley J., Cincotta A., Ferraiolo D., Gavrilla S. and Kuhn R. (1997): Role based access control for the World Wide Web. - Proc. NIST-NSA Nat. Computer Security Conf., Baltimore, pp. 23-34.
[001] Bolc L., Dziewicki K., Rychlik P., Szałas A. (1995): Reasoning in Non-Classical Logic. Theoretical Basis. - Warsaw: Akademicka Oficyna Wydawnicza PLJ.
[002] Bolc L., Dziewicki K., Rychlik P., Szałas A. (1998): Reasoning in Non-Classical Logic. Reasoning Automation. - Warsaw: Akademicka Oficyna Wydawnicza PLJ.
[003] Chen F., Sandhu R.S. (1996): Constraints for role-based access control. - Proc. ACM Workshop on RBAC, Gaithersburg, USA, pp. 382-390.
[004] CCIB (1999): Common criteria for information technology security evaluation, Ver. 2.1. - Common Criteria Implementation Board-99-01.
[005] Denning D.E. (1982): Cryptography and Data Security. -Massachusetts: Addison-Wesley. | Zbl 0573.68001
[006] Ferraiolo D., Barkley F. (1997): Specifying and managing role-based access control within a corporate Intranet. - Proc. 2nd ACM Workshop on RBAC, Fairfax, USA, pp. 69-78.
[007] Kołaczek G. (2001): Model of role based access control mechanism. -Ph. D. thesis, Technical University of Wrocław, Wrocław, Poland. | Zbl 1007.68175
[008] Mally E. (1926): Grundgesetze des Sollens. Elemente der Logik des Willens. -Graz: Leuschner and Lubensky.
[009] NCSC (1985): Trusted Computer Security Evaluation Criteria. - National Computer Security Centre, DOD 5200.28-STD.
[010] Sandhu R. (1992): Lattice-based enforcement of chinese walls. - Comp. Security, Vol. 11, No. 8, pp. 753-763.
[011] Sandhu R. (1996): Role hierarchies and constraints for lattice-based access controls. -Proc. 4-th Europ. Symp. Research in Computer Security, Rome, Italy, pp. 20-25.
[012] Sandhu R. (1997): Rationale for the RBAC96 family of access control models. -Proc. 1st ACM Workshop Role-Based Access Control, Gaithersburg, USA, pp. 32-38.
[013] Sandhu R. (1998): Role activation hierarchies. - Proc. 3-rd ACM Workshops Role-Based Access Control, Fairfax, USA, pp. 56-65.
[014] Sandhu R, Bhamidipati V., Coyne E., Ganta S, Youman Ch. (1997): The ARBAC97 model for role-based administration of roles: Preliminary description and outline. - Proc. 2nd ACM Workshop Role-Based Access Control, Fairfax, USA, pp. 41-50.
[015] Sandhu R, Bhamidipati V., Munawer Q. (1999): The ARBAC97 model for role-based administration of roles. - ACM Trans. Inf. Syst. Secur., Vol. 2, No. 1, pp. 105-135.
[016] Sandhu R.S., Coyne E.J., Feinstein H. L., Youman Ch.E. (1994): Role-based access control: A multi-dimensional view. - Proc. 10-ths Annual Computer Security Application Conf., Greater Orlando, USA, pp. 54-62.
[017] Shirey R. (2000): Request for Comments 2828. - The Internet Society, available at http://www.rfceditor.org.rfc.html
[018] von Wright G.H. (1951): Deontic logic. - Mind, Vol. 60, No. 237, pp. 1-15. | Zbl 0943.03004