Visual modeling and formal specification of constraints of RBAC using semantic web technology

摘要

The role-based access control (RBAC) model has garnered great interest in the security community due to the flexible and secure nature of its applicability to the complex and sophisticated information system. One import aspect of RBAC is the enforcing of security policy, called constraint, which controls the behavior of components in RBAC. Much research has been conducted to specify constraints. However, more work is needed on the aspect of sharing information resources for providing better interoperability in the widely dispersed ubiquitous information system environment. This paper provides visual modeling of RBAC policy and specifies constraints of RBAC by employing a semantic web ontology language (OWL) to enhance understanding of constraints for machines and people in a ubiquitous computing environment. Using OWL, constraints were precisely formalized according to the constraint patterns and the effectiveness of OWL specification was demonstrated by showing the reasoning process.