Title: A FORMAL SEMANTIC MODEL FOR THE ACCESS SPECIFICATION LANGUAGE RASP

Issue Number: Vol. 1, No. 2
Year of Publication: Oct - 2012
Page Numbers: 152-159
Authors: Mark Evered
Journal Name: International Journal of Cyber-Security and Digital Forensics (IJCSDF)
- Hong Kong

Abstract:


The access specification language RASP extends traditional role-based access control (RBAC) concepts to provide greater expressive power often required for fine-grained access control in sensitive information systems. Existing formal models of RBAC are not sufficient to describe these extensions. In this paper, we define a new model for RBAC which formalizes the RASP concepts of controlled role appointment and transitions, object attributes analogous to subject roles and a transitive role/attribute derivation relationship.