A Formal Framework for Adaptive Access Control Models

Stefanie B. Rinderle, Manfred Reichert

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    21 Citations (Scopus)

    Abstract

    For several reasons enterprises are frequently subject to organizational change. Respective adaptations may concern business processes, but also other components of an enterprise architecture. In particular, changes of organizational structures often become necessary. The information about organizational entities and their relationships is maintained in organizational models. Therefore the quick and correct adaptation of these models is fundamental to adequately cope with organizational changes. However, model changes alone are not sufficient to guarantee consistency. Since organizational models also provide the basis for defining access rules (e.g., actor assignments in workflow management systems or access rules in document-centered applications) this information has to be adapted accordingly (e.g., to avoid dangling references or non-resolvable actor assignments). Current approaches do not adequately address this problem, which often leads to security gaps and delayed change implementation. In this paper we introduce a formal framework for the controlled evolution of organizational models and related access rules. Firstly, we introduce a set of operators with well-defined semantics for defining and changing organizational models. Secondly, we show how to define access rules based on such models. In this context we also define a notion of correctness for access rules. Thirdly, we present a formal framework for the (semi-automated) adaptation of access rules when the underlying organizational model is changed by exploiting the semantics of the applied changes. Altogether the presented approach provides an important contribution for realizing adaptive access control frameworks.
    Original languageEnglish
    Title of host publicationJournal on Data Semantics IX
    EditorsStefano Spaccapietra, Paolo Atzeni, François Fages, Mohand-Saïd Hacid
    Place of PublicationBerlin, Heidelberg
    PublisherSpringer
    Pages82-112
    ISBN (Electronic)978-3-540-74987-5
    ISBN (Print)978-3-540-74982-0
    DOIs
    Publication statusPublished - Jun 2007
    Event13th International Conference Cooperative Information Systems, CoopIS 2005 - Agia Napa, Cyprus, Greece
    Duration: 2 Nov 20054 Nov 2005
    Conference number: 13

    Publication series

    NameLecture Notes in Computer Science
    PublisherSpringer
    Volume4601
    ISSN (Print)0302-9743
    ISSN (Electronic)1611-3349
    NameJournal on Data Semantics
    PublisherSpringer
    VolumeIX
    ISSN (Print)1861-2032

    Conference

    Conference13th International Conference Cooperative Information Systems, CoopIS 2005
    Abbreviated titleCoopIS
    Country/TerritoryGreece
    CityAgia Napa, Cyprus
    Period2/11/054/11/05

    Keywords

    • Role-based access control
    • Organizational change
    • Adaptive information systems
    • Evolution of access rules
    • SCS-Services
    • n/a OA procedure

    Fingerprint

    Dive into the research topics of 'A Formal Framework for Adaptive Access Control Models'. Together they form a unique fingerprint.

    Cite this