Generalized Temporal Role Based Access Control Model (GTRBAC) (Part I) - Specification and Modeling
Author
James B. D. Joshi, Elisa Bertino, Usman Latif, Arif Ghafoor
Tech report number
CERIAS TR 2001-47
Abstract
A temporal RBAC (TRBAC) model has recently been proposed that addresses the temporal aspects of roles and trigger-based role enabling. However, it is limited to constraints on the enabling of roles only. We propose a Generalized Temporal Role Based Access Control model (GTRBAC) that is capable of expressing a wider range of temporal constraints. GTRBAC is capable of expressing periodic as well as duration constraints on roles, user-role assignments and role-permission assignments. In GTRBAC, temporal constraints on role enablings and role activations can be separately specified. A user-activated role can further be restricted by various activation constraints, such as a cardinality constraint or a maximum active duration constraint within a specified interval. The GTRBAC model extends the syntactic structure of the TRBAC model, and its event and trigger expressions subsume those of TRBAC.
Institution
CERIAS and School of Electrical and Computer Engineering, CERIAS and Department of Computer Science, Dipartimento di Scienze dell
Affiliation
Joshi and Latif are graduate students in the School of Computer Engineering and the Department of Computer Science (Purdue), respectively. Professor Ghafoor is from the School of Computer Engineering at Purdue and Prof. Bertino is from Dipartimento di Scienze dell
Publication Date
2005-01-01
Keywords
role based access control, security, temporal constraints