Abstract
Access to only authorized resources is provided by access control mechanisms. Active or Event-Condition-Action rules make the underlying systems and applications active by detecting and reacting to changes. In this paper, we show how active rules can be used to enforce Role-Based Access Control (RBAC) standard. First, we analyze different components of active rules and their mappings for enforcing RBAC standard. Second, we discuss how RBAC standard is enforced using active rules. Finally, we discuss how active rules extend RBAC standard to cater to a large class of applications.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Sandhu, R.S., Coyne, E., Feinstein, H., Youman, C.: Role-Based Access Control Models. IEEE Computer 29(2), 38–47 (1996)
The Economic Impact of Role-Based Access Control, NIST (2002), http://www.nist.gov/director/prog-ofc/report02-1.pdf
Role-Based Access Control Case Studies and Experience, NIST, http://csrc.nist.gov/rbac/RBAC-case-studies.html
RBAC Standard, ANSI INCITS 359-2004, International Committee for IT Standards (2004)
Chen, F., Sandhu, R.S.: Constraints for role-based access control. In: Proc. of the ACM Workshop on RBAC, p. 14. ACM Press, New York (1996)
Strembeck, M., Neumann, G.: An integrated approach to engineer and enforce context constraints in RBAC environments. ACM TISSEC 7(3), 392–427 (2004)
Adaikkalavan, R., Chakravarthy, S.: When to Trigger Active Rules?. In: Proc. of the COMAD, Mysore, India (December 2009)
Demers, A.J., Gehrke, J., Panda, B., Riedewald, M., Sharma, V., White, W.M.: Cayuga: A general purpose event monitoring system. In: Proc. of the CIDR, pp. 412–422 (2007)
Adaikkalavan, R., Chakravarthy, S.: Event Specification and Processing For Advanced Applications: Generalization and Formalization. In: Wagner, R., Revell, N., Pernul, G. (eds.) DEXA 2007. LNCS, vol. 4653, pp. 369–379. Springer, Heidelberg (2007)
Adaikkalavan, R., Chakravarthy, S.: SnoopIB: Interval-Based Event Specification and Detection for Active Databases. DKE 59(1), 139–165 (2006)
Carlson, J., Lisper, B.: An Interval-Based Algebra for Restricted Event Detection. In: Larsen, K.G., Niebert, P. (eds.) FORMATS 2003. LNCS, vol. 2791, pp. 121–133. Springer, Heidelberg (2004)
Paton, N.W.: Active Rules in Database Systems. Springer, New York (1999)
Widom, J., Ceri, S.: Active Database Systems: Triggers and Rules. Morgan Kaufmann Publishers, Inc. (1996)
Chakravarthy, S., Krishnaprasad, V., Anwar, E., Kim, S.-K.: Composite Events for Active Databases: Semantics, Contexts, and Detection. In: Proc. of the VLDB, pp. 606–617 (1994)
Gatziu, S., Dittrich, K.R.: Events in an Object-Oriented Database System. In: Proc. of the Rules in Database Systems (September 1993)
Gehani, N.H., Jagadish, H.V., Shmueli, O.: Composite Event Specification in Active Databases: Model & Implementation. In: Proc. of the VLDB, pp. 327–338 (1992)
Chakravarthy, S., Anwar, E., Maugis, L., Mishra, D.: Design of Sentinel: An Object-Oriented DBMS with Event-Based Rules. IST 36(9), 559–568 (1994)
Galton, A., Augusto, J.: Two Approaches to Event Definition. In: Hameurlain, A., Cicchetti, R., Traunmüller, R. (eds.) DEXA 2002. LNCS, vol. 2453, pp. 547–556. Springer, Heidelberg (2002)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Adaikkalavan, R., Chakravarthy, S. (2012). Access Control Using Active Rules. In: MacKinnon, L.M. (eds) Data Security and Security Data. BNCOD 2010. Lecture Notes in Computer Science, vol 6121. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-25704-9_4
Download citation
DOI: https://doi.org/10.1007/978-3-642-25704-9_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-25703-2
Online ISBN: 978-3-642-25704-9
eBook Packages: Computer ScienceComputer Science (R0)