Foundations for a Graph-Based Approach to the Specification of Access Control Policies

Graph Transformations provide a uniform and precise framework for the specification of access control policies allowing the detailed comparison of different policy models and the precise description of the evolution of a policy. Furthermore, the framework is used for an accurate analysis of the interaction between policies and of the behavior of their integration with respect to the problem of conflicting rules. The integration of policies is illustrated using the Discretionary Access Control and the Lattice Based Access Control policies.

[1]  Grzegorz Rozenberg,et al.  Handbook of Graph Grammars and Computing by Graph Transformations, Volume 1: Foundations , 1997 .

[2]  Hartmut Ehrig,et al.  Graph rewriting with unification and composition , 1986, Graph-Grammars and Their Application to Computer Science.

[3]  Reiko Heckel,et al.  Algebraic Approaches to Graph Transformation - Part II: Single Pushout Approach and Comparison with Double Pushout Approach , 1997, Handbook of Graph Grammars.

[4]  Sabrina De Capitani di Vimercati,et al.  A modular approach to composing access control policies , 2000, CCS.

[5]  Luigi V. Mancini,et al.  A Formal Model for Role-Based Access Control Using Graph Transformation , 2000, ESORICS.

[6]  Ravi S. Sandhu,et al.  Lattice-based access control models , 1993, Computer.

[7]  Luigi V. Mancini,et al.  On the specification and evolution of access control policies , 2001, SACMAT '01.

[8]  Ravi S. Sandhu,et al.  Role-Based Access Control , 1998, Adv. Comput..

[9]  Marta Simeoni,et al.  Spatial and Temporal Renement of Typed Graph Transformation Systems , 1998 .

[10]  Francesco Parisi-Presicce,et al.  Spatial and Temporal Refinement of Typed Graph Transformation Systems , 1998, MFCS.

[11]  Reiko Heckel,et al.  Ensuring consistency of conditional graph rewriting - a constructive approach , 1995, SEGRAGRA.

[12]  P. Samarati,et al.  Access control: principle and practice , 1994, IEEE Communications Magazine.

[13]  Hartmut Ehrig,et al.  The Category of Typed Graph Grammars and its Adjunctions with Categories , 1994, TAGT.