DeepAI AI Chat
Log In Sign Up

A Graphical Framework for the Category-Based Metamodel for Access Control and Obligations

by   Sandra Alves, et al.
Universidade do Porto

We design a graph-based framework for the visualisation and analysis of obligations in access control policies. We consider obligation policies in CBACO, the category-based access control model, which has been shown to subsume many of the most well known access control such as MAC, DAC, RBAC. CBACO is an extension of the CBAC metamodel that deals with obligations. We describe the implementation of the proposed model in PORGY, a strategy driven graph-rewriting tool, based on the theory of port-graphs. CBACO policies allow for dynamic behavior in the modelled systems, which is implemented using the strategy language of PORGY.


page 1

page 2

page 3

page 4


Graph Model Implementation of Attribute-Based Access Control Policies

Attribute-based access control (ABAC) promises a powerful way of formali...

PACLP: a fine-grained partition-based access control policy language for provenance

Even though the idea of partitioning provenance graphs for access contro...

NAC: Automating Access Control via Named Data

In this paper we present the design of Name-based Access Control (NAC) s...

On-line tracing of XACML-based policy coverage criteria

Currently, eXtensible Access Control Markup Language (XACML) has becomin...

Towards Integrated Modelling of Dynamic Access Control with UML and Event-B

Role-Based Access Control (RBAC) is a popular authorization model used t...

Purpose-based access policy on provenance and data algebra

It is a crucial mechanism of access control to determine that data can o...

Combining ID's, Attributes, and Policies in Hyperledger Fabric

This work aims to provide a more secure access control in Hyperledger Fa...