Mostra el registre d'ítem simple
A datalog framework for modeling relationship-based access control policies
| dc.contributor.author | Pasarella Sánchez, Ana Edelmira |
| dc.contributor.author | Lobo, Jorge |
| dc.contributor.other | Universitat Politècnica de Catalunya. Departament de Ciències de la Computació |
| dc.date.accessioned | 2018-02-02T10:13:31Z |
| dc.date.available | 2018-02-02T10:13:31Z |
| dc.date.issued | 2017 |
| dc.identifier.citation | Pasarella, E., Lobo, J. A datalog framework for modeling relationship-based access control policies. A: ACM Symposium on Access Control Models and Technologies. "Proceedings of the 22nd ACM on Symposium on Access Control Models and Technologies". Indianapolis, IN: Association for Computing Machinery (ACM), 2017, p. 91-102. |
| dc.identifier.isbn | 978-1-4503-4702-0 |
| dc.identifier.uri | http://hdl.handle.net/2117/113608 |
| dc.description | SACMAT'17 Best paper |
| dc.description.abstract | Relationships like friendship to limit access to resources have been part of social network applications since their beginnings. Describing access control policies in terms of relationships is not particular to social networks and it arises naturally in many situations. Hence, we have recently seen several proposals formalizing different Relationship-based Access Control (ReBAC) models. In this paper, we introduce a class of Datalog programs suitable for modeling ReBAC and argue that this class of programs, that we called ReBAC Datalog policies, provides a very general framework to specify and implement ReBAC policies. To support our claim, we first formalize the merging of two recent proposals for modeling ReBAC, one based on hybrid logic and the other one based on path regular expressions. We present extensions to handle negative authorizations and temporal policies. We describe mechanism for policy analysis, and then discuss the feasibility of using Datalog-based systems as implementations. |
| dc.format.extent | 12 p. |
| dc.language.iso | eng |
| dc.publisher | Association for Computing Machinery (ACM) |
| dc.subject | Àrees temàtiques de la UPC::Informàtica::Seguretat informàtica |
| dc.subject.lcsh | Online social networks -- Access control |
| dc.subject.other | Relationship-based access control |
| dc.subject.other | Security and privacy policies |
| dc.subject.other | Datalog |
| dc.title | A datalog framework for modeling relationship-based access control policies |
| dc.type | Conference report |
| dc.subject.lemac | Xarxes socials en línia -- Control d'accés |
| dc.contributor.group | Universitat Politècnica de Catalunya. ALBCOM - Algorismia, Bioinformàtica, Complexitat i Mètodes Formals |
| dc.identifier.doi | 10.1145/3078861.3078871 |
| dc.description.peerreviewed | Peer Reviewed |
| dc.relation.publisherversion | https://dl.acm.org/citation.cfm?id=3078871 |
| dc.rights.access | Open Access |
| local.identifier.drac | 21866757 |
| dc.description.version | Postprint (author's final draft) |
| dc.relation.projectid | info:eu-repo/grantAgreement/MINECO//TIN2013-46181-C2-1-R/ES/MODELOS Y METODOS COMPUTACIONALES PARA DATOS MASIVOS ESTRUCTURADOS/ |
| local.citation.author | Pasarella, E.; Lobo, J. |
| local.citation.contributor | ACM Symposium on Access Control Models and Technologies |
| local.citation.pubplace | Indianapolis, IN |
| local.citation.publicationName | Proceedings of the 22nd ACM on Symposium on Access Control Models and Technologies |
| local.citation.startingPage | 91 |
| local.citation.endingPage | 102 |
