On mutually-exclusive roles and separation of duty

@inproceedings{Li2004OnMR,
  title={On mutually-exclusive roles and separation of duty},
  author={Ninghui Li and Ziad Bizri and Mahesh V. Tripunitara},
  booktitle={CCS '04},
  year={2004}
}
Separation of Duty (SoD) is widely considered to be a fundamental principle in computer security. A Static SoD (SSoD) policy states that in order to have all permissions necessary to complete a sensitive task, the cooperation of at least a certain number of users is required. In Role-Based Access Control (RBAC), Statically Mutually Exclusive Role (SMER) constraints are used to enforce SSoD policies. In this paper, we pose and answer fundamental questions related to the use of SMER constraints…
Constraint generation for separation of duty
TLDR
This paper studies the problem of generating sets of constraints that enforce a set of SSoD policies, are compatible with the existing role hierarchy, and are minimal in the sense that there is no other constraint set that is less restrictive and satisfies these criteria.
Static Enforcement of Static Separation-of-Duty Policies in Usage Control Authorization Models
TLDR
This paper formulates and studies the fundamental problem of static enforcement of static SoD (SSoD) policies in the context of UCONA, a sub-model of UCON only considering authorizations, and shows how to generate the least restrictive SMEA constraints for enforcing SSoD policies in UCONA.
A History-Based Constraint for Separation-of-Duty Policy in Role Based Access Control Model
TLDR
It is shown that checking whether an RBAC state satisfies a given static SoD (SSoD) policy is a coNP-complete problem, and using statically mutually exclusive roles (SMER) to enforce SSoD is usually computationally expensive, while enforcing SSoD policies by a history-based constraint is practicable.
Dynamic Enforcement of Separation-of-Duty Policies
TLDR
This paper formally defines the notion of an SSoD policy, introduces the dynamic safety checking problem (DSCP), which asks whether an access control state satisfies a given SSoD policy, and shows that directly enforcing SSoD policies in access control is intractable (NP-complete).
Specification and enforcement of separation-of-duty policies in role-base access control
  • Jianfeng Lu, Jiaqing Zhou
  • Computer Science
  • Proceedings of 2011 International Conference on Computer Science and Network Technology
  • 2011
TLDR
The problem of determining whether a SoD policy is enforceable is studied, and it is shown that directly enforcing SoD policies in RBAC is intractable (coNP-complete) and indirectly enforcing SoD policies by using mutually exclusive role constraints is also intractable (NP-hard).
Specification and Enforcement of Static Separation-of-Duty Policies in Usage Control
TLDR
A set-based specification scheme is given for static SoD policy in the recently presented usage control (UCON) model, and the least restrictive static mutually exclusive attribute (SMEA) constraints are generated to enforce SSoD policies.
Available Separation-of-Duty Policies in Access Control
TLDR
This paper combines a static SoD policy and an availability policy to introduce the available static SoD (ASSoD) policies to capture both the safety and availability properties, and presents the computational complexity of the satisfaction checking problem of ASSoD policies.
The Authorization Policy Existence Problem
TLDR
This paper develops a new method of specifying constraints which subsumes much related work and allows a wider range of constraints to be specified, and analyzes the complexity of questions related to policy existence, where a positive answer means that an organization's objectives can be realized.
Separation of Duty in Role-Based Access Control Model through Fuzzy Relations
TLDR
This paper proposes a model to express separation of duty policies in RBAC using fuzzy set theory, and the concept of trustworthiness, which is fuzzy in nature, is used to express this model.

References

SHOWING 1-10 OF 59 REFERENCES
The RSL99 language for role-based separation of duty constraints
TLDR
A framework for specifying separation of duty and conflict of interest policies in role-based systems is described and an intuitive formal language which uses system functions and sets as its basic elements is proposed.
Separation of duties for access control enforcement in workflow environments
TLDR
This paper presents the "conflicting entities" administration paradigm for the specification of static and dynamic separation of duty requirements in the workflow environment, and argues that RBAC does not support the complex work processes often associated with separation of duty requirements, particularly with dynamic separation of duty.
Role-based authorization constraints specification
TLDR
An intuitive formal language for specifying role-based authorization constraints, named RCL 2000, is introduced, including its basic elements, syntax, and semantics, and it is shown that there are many alternate formulations of even the simplest SOD properties, with varying degrees of flexibility and assurance.
On the formal definition of separation-of-duty policies and their composition
TLDR
It is concluded that the practical implementation of SoD policies requires new methods and tools for security administration, even within applications that already support RBAC, such as most database management systems.
Mutual exclusion of roles as a means of implementing separation of duty in role-based access control systems
TLDR
This paper explores some aspects of mutual exclusion of roles as a means of implementing separation of duty policies, including a safety property for separation of duty; relationships between different types of exclusion rules; properties of mutual exclusion for roles; constraints on the role hierarchy introduced by mutual exclusion rules.
An access control model for simplifying constraint expression
TLDR
This work proposes a new approach to expressing constraints that has the following properties: an access control policy is expressed using a graphical model in which the nodes represent sets and the edges represent binary relationships on those sets, and constraints are expressed using a few simple set operators on graph nodes.
Specifying and enforcing constraints in role-based access control
TLDR
A combined specification and implementation model for a class of constraints that includes separation of duty constraints is presented, and a scalable role-based reference monitor that can be used to enforce constraints in an efficient manner is proposed.
Practical safety in flexible access control models
TLDR
By keeping the complexity of constraint expression in check, flexible access control models, such as role-based access control, may also be used for expressing access control policy for safety-critical systems.
A generalized temporal role-based access control model
TLDR
This work proposes a generalized temporal role-based access control (GTRBAC) model that is capable of expressing a wider range of temporal constraints and allows expressing periodic as well as duration constraints on roles, user-role assignments, and role-permission assignments.
Role-Based Access Control (RBAC): Features and Motivations
TLDR
The purpose of this paper is to provide additional insight as to the motivations and functionality that might go behind the official RBAC name.