Abstract
The Role-Based Access Control (RBAC) model, under which the users are assigned to certain roles while the roles are associated with prescribed permissions, remains one of the most popular authorization control mechanisms. Workflow is a business flow composed of several related tasks. These tasks are interrelated and context-dependent during their execution. Execution context can introduce uncertainty in authorization decisions for tasks. This paper investigates the role-based authorization model with the context constraints and dynamic cardinality constraints. The Petri-net is used to model the authorization process and the formal expression of the model is presented. The general stochastic Petri-net simplifying method is used to analyze and calculate the authorization workload of a role in the system. With this work, given the workflow load, context and role authorization system parameters, we can predict the performance of the constraints role-based authorization system on mobile devices. Based on these performance metrics, the mobile system parameters can be adjusted to achieve the optimal system performance and meet the user demand best.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Thomas, R.K., Sandhu, R.S.: Task-based Authorization Controls (TBAC): A Family of Models for Active and Enterprise-oriented Authorization Management. In: IFIP TC11 WG113 11th International Conference on Database Security XI Status and Prospects, vol. 11, pp. 166–181. Chapman & Hall, Ltd.
Ray, I., Li, N., France, R., Kim, D.K.: Using UML to Visualize Role-based Access Control Constraints. In: Proceedings of the 9th ACM Symposium on Access Control Modelsand Technologies, Yorktown Heights, New York, USA, June 02-04, pp. 115–124 (2004)
Tan, K., Crampton, J., Gunter, C.: The Consistency of Task-based Authorization Constraints in Workflow Systems. In: Proceedings of 17th IEEE Computer Security Foundations Workshop, pp. 155–169 (2004)
Liu, S., Fan, Y.S.: Workflow Model Performance Analysis Concerning Instance Dwelling Times Distribution. In: 2009 IEEE International Symposium on Parallel and Distributed Processing with Applications, ISPA, pp. 601–605 (2009)
He, L., Calleja, M., Hayes, M., Jarvis, S.A.: Performance Prediction for Running Workflows under Role-based Authorization Mechanisms. In: IEEE International Symposium on Parallel and Distributed Processing, IPDPS, pp. 1–8 (2009)
Manolache, S.: Schedulability Analysis of Real-Time Systems with Stochastic Task Execution Times., Ph.D Thesis, Department of Computer and Information Science, IDA, Linkoping University
Bolch, G., Greiner, S., de Meer, H., Trivedi, K.S.: Queueing Networks and Markov Chains – Modeling and Performance Evaluation with Computer Science Applications. John Wiley and Sons, New York (1998)
Li, N., Tripunitara, M.V., Bizri, Z.: On Mutually Exclusive Roles and Separation-of-duty. ACM Transactions on Information and System Security (TISSEC) 10(2), 5-es (2007)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Liu, L., Liu, Y., Cheng, W. (2012). The Modeling and Analysis of Context and Cardinality Constraints Role-Based Authorization Mechanism. In: Wang, X., Zheng, R., Jing, T., Xing, K. (eds) Wireless Algorithms, Systems, and Applications. WASA 2012. Lecture Notes in Computer Science, vol 7405. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-31869-6_29
Download citation
DOI: https://doi.org/10.1007/978-3-642-31869-6_29
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-31868-9
Online ISBN: 978-3-642-31869-6
eBook Packages: Computer ScienceComputer Science (R0)