Skip to main content
Springer Nature Link
Log in

Specifying Role-Based Access Constraints with Object Constraint Language

  • Conference paper
Advanced Web Technologies and Applications (APWeb 2004)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 3007))

Included in the following conference series:

Abstract

Constraints are an important aspect of role-based access control (RBAC). Constraints have to be satisfied when an administrator wants to assign (revoke) a role to a user or a permission to a role. The importance of constraints associated with user-role assignments and permission-role assignments in RBAC has been recognized but the modelling of these constraints has not been received much attention. In this paper we use a de facto constraints specification language in software engineering to analyze the constraints in user-role assignments and permission-role assignments. We show how to represent role-based access constraints with object constraint language (OCL) and discuss the future work. Finally, comparisons with other related work are presented.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Ahn, G., Sandhu, R.: Role-based authorization constraints specification. Information and System Security 3(4), 207–226 (2000)

    Article  Google Scholar 

  2. Ahn, G., Shin, M.: Role-Based Authorization Constraints Specification Using Object Constraint Language. In: Tenth IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, pp. 157–165 (2001)

    Google Scholar 

  3. Ahn, G.J., Sandhu, R.: The RSL 1999 Language for Role-Based Separation of Duty Constraints. In: 4th ACM Workshop on Role-Based Access Control, Fairfax, VA, pp. 43–54 (1999)

    Google Scholar 

  4. Bertino, E., Castano, S., Ferrari, E., Mesiti, M.: Specifying and enforcing access control policies for XML document sources. In: World Wide Web, vol. 3, pp. 139–151. Baltzer Science Publishers BV (2000)

    Google Scholar 

  5. Chen, F., Sandhu, R.: Constraints for Role-Based Access Control. In: First ACM Workshop on Role-Based Access Control, pp. 39-46 (1995)

    Google Scholar 

  6. Feinstein, H.L.: Final report: NIST small business innovative research (SBIR) grant: role based access control: phase 1. Technical report. SETA (1995)

    Google Scholar 

  7. Ferraiolo, D., Cugini, J., Kuhn, R.: Role-based Access Control (RBAC): Features and motivations. In: The 11th Annual Computer Security Applications Conference, New Orleans, LA, pp. 241–248 (1995)

    Google Scholar 

  8. Ferraiolo, D.F., Kuhn, D.R.: Role based access control. In: 15th National Computer Security Conference, pp. 554-563 (1992)

    Google Scholar 

  9. Goldschlag, D., Reed, M., Syverson, P.: Onion routing for anonymous and private Internet connections. Communications of the ACM 24, 39–41 (1999)

    Article  Google Scholar 

  10. Oh, S., Sandhu, R.: A model for role administration using organization structure. In: Seventh ACM Symposium on Access Control Models and Technologies, Monterey, California, USA, pp. 155–162. ACM Press, New York (2002)

    Chapter  Google Scholar 

  11. Richters, M., Gogolla, M.: On Formalizing the UML Object Constraint Language OCL. In: Ling, T.-W., Ram, S., Li Lee, M. (eds.) ER 1998. LNCS, vol. 1507, pp. 449–464. Springer, Heidelberg (1998)

    Google Scholar 

  12. Rumbaugh, J., Jacobson, I., Booch, G.: The Unified Modeling Language Reference Manual. Addison-Wesley publisher, MA (1999)

    Google Scholar 

  13. Sandhu, R.: Role-Based Access Control. Advances in Computers 46 (1998)

    Google Scholar 

  14. Sandhu, R., Munawer, Q.: The ARBAC99 model for administration of roles. In: The Annual Computer Security Applications Conference, Monterey, California, USA, pp. 229–238. ACM Press, New York (1999)

    Google Scholar 

  15. Wang, H., Cao, J., Zhang, Y.: A consumer anonymity scalable payment scheme with role based access control. In: 2nd International Conference on Web Information Systems Engineering (WISE 2001), Kyoto, Japan, pp. 53–62 (2001)

    Google Scholar 

  16. Wang, H., Cao, J., Zhang, Y.: Formal Authorization allocation approaches for role-based access control based on relational algebra operations. In: 3nd International Conference on Web Information Systems Engineering (WISE 2002), Singapore, pp. 301–312 (2002)

    Google Scholar 

  17. Wang, H., Cao, J., Zhang, Y.: Ticket-Based Service Access Scheme for Mobile Users. In: Oudshoorn, M. (ed.) Proceedings of Twenty-Fifth Australian Computer Science Conference, Melbourne, Victoria, pp. 178–187 (2002)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Maths & Computing, University of Southern Queensland, Toowoomba, QLD, 4350, Australia

    Hua Wang

  2. School of Computer Science and Mathematics, Victoria University of Technology, Melbourne City, MC, 8001, Australia

    Yanchun Zhang

  3. Department of Computer Science & Computer Engineering, La Trobe University, Melbourne, VIC, 3086, Australia

    Jinli Cao

  4. School of Information Technology, Swinbourne University of Technology, Hawthorn, Victoria, 3122, Australia

    Jian Yang

Authors
  1. Hua Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yanchun Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jinli Cao
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Jian Yang
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Chinese University of Hong Kong, Hong Kong, China

    Jeffrey Xu Yu

  2. The University of News South Wales, NSW 2052, Australia

    Xuemin Lin

  3. Department of Computer Science, Tsinghua University, 100084, Beijing, P.R. China

    Hongjun Lu

  4. Victoria University, Australia

    Yanchun Zhang

Rights and permissions

Reprints and permissions

Copyright information

© 2004 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Wang, H., Zhang, Y., Cao, J., Yang, J. (2004). Specifying Role-Based Access Constraints with Object Constraint Language. In: Yu, J.X., Lin, X., Lu, H., Zhang, Y. (eds) Advanced Web Technologies and Applications. APWeb 2004. Lecture Notes in Computer Science, vol 3007. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24655-8_75

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-24655-8_75

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-21371-0

  • Online ISBN: 978-3-540-24655-8

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics