An administrative model for relationship-based access control

Scott D. Stoller

doi:10.1007/978-3-319-20810-7_4

An administrative model for relationship-based access control

Scott D. Stoller

Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

13 Scopus citations

Abstract

Relationship-based access control (ReBAC) originated in the context of social network systems and recently is being generalized to be suitable for general computing systems. This paper defines a ReBAC model, based on Crampton and Sellwood’s RPPM model, designed to be suitable for general computing systems. Our ReBAC model includes a comprehensive administrative model. The administrative model is comprehensive in the sense that it allows and controls changes to all aspects of the ReBAC policy. To the best of our knowledge, it is the first comprehensive administrative model for a ReBAC model suitable for general computing systems. The model is illustrated with parts of a sample access control policy for electronic health records in a healthcare network.

Original language	English
Title of host publication	Data and Applications Security and Privacy XXIX - 29th Annual IFIP WG 11.3 Working Conference, DBSec 2015, Proceedings
Editors	Pierangela Samarati
Publisher	Springer Verlag
Pages	53-68
Number of pages	16
ISBN (Print)	9783319208091
DOIs	https://doi.org/10.1007/978-3-319-20810-7_4
State	Published - 2015
Event	29th IFIP WG 11.3 Working Conference on Data and Applications Security, DBSec 2015 - Fairfax, United States Duration: Jul 13 2015 → Jul 15 2015

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	9149
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	29th IFIP WG 11.3 Working Conference on Data and Applications Security, DBSec 2015
Country/Territory	United States
City	Fairfax
Period	07/13/15 → 07/15/15

Access to Document

10.1007/978-3-319-20810-7_4

Cite this

Stoller, S. D. (2015). An administrative model for relationship-based access control. In P. Samarati (Ed.), Data and Applications Security and Privacy XXIX - 29th Annual IFIP WG 11.3 Working Conference, DBSec 2015, Proceedings (pp. 53-68). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 9149). Springer Verlag. https://doi.org/10.1007/978-3-319-20810-7_4

Stoller, Scott D. / An administrative model for relationship-based access control. Data and Applications Security and Privacy XXIX - 29th Annual IFIP WG 11.3 Working Conference, DBSec 2015, Proceedings. editor / Pierangela Samarati. Springer Verlag, 2015. pp. 53-68 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{1bb49a930dd241fb8714bf07e3a78e44,

title = "An administrative model for relationship-based access control",

abstract = "Relationship-based access control (ReBAC) originated in the context of social network systems and recently is being generalized to be suitable for general computing systems. This paper defines a ReBAC model, based on Crampton and Sellwood{\textquoteright}s RPPM model, designed to be suitable for general computing systems. Our ReBAC model includes a comprehensive administrative model. The administrative model is comprehensive in the sense that it allows and controls changes to all aspects of the ReBAC policy. To the best of our knowledge, it is the first comprehensive administrative model for a ReBAC model suitable for general computing systems. The model is illustrated with parts of a sample access control policy for electronic health records in a healthcare network.",

author = "Stoller, \{Scott D.\}",

note = "Publisher Copyright: {\textcopyright} IFIP International Federation for Information Processing 2015.; 29th IFIP WG 11.3 Working Conference on Data and Applications Security, DBSec 2015 ; Conference date: 13-07-2015 Through 15-07-2015",

year = "2015",

doi = "10.1007/978-3-319-20810-7\_4",

language = "English",

isbn = "9783319208091",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

pages = "53--68",

editor = "Pierangela Samarati",

booktitle = "Data and Applications Security and Privacy XXIX - 29th Annual IFIP WG 11.3 Working Conference, DBSec 2015, Proceedings",

}

Stoller, SD 2015, An administrative model for relationship-based access control. in P Samarati (ed.), Data and Applications Security and Privacy XXIX - 29th Annual IFIP WG 11.3 Working Conference, DBSec 2015, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 9149, Springer Verlag, pp. 53-68, 29th IFIP WG 11.3 Working Conference on Data and Applications Security, DBSec 2015, Fairfax, United States, 07/13/15. https://doi.org/10.1007/978-3-319-20810-7_4

An administrative model for relationship-based access control. / Stoller, Scott D.
Data and Applications Security and Privacy XXIX - 29th Annual IFIP WG 11.3 Working Conference, DBSec 2015, Proceedings. ed. / Pierangela Samarati. Springer Verlag, 2015. p. 53-68 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 9149).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - An administrative model for relationship-based access control

AU - Stoller, Scott D.

N1 - Publisher Copyright: © IFIP International Federation for Information Processing 2015.

PY - 2015

Y1 - 2015

N2 - Relationship-based access control (ReBAC) originated in the context of social network systems and recently is being generalized to be suitable for general computing systems. This paper defines a ReBAC model, based on Crampton and Sellwood’s RPPM model, designed to be suitable for general computing systems. Our ReBAC model includes a comprehensive administrative model. The administrative model is comprehensive in the sense that it allows and controls changes to all aspects of the ReBAC policy. To the best of our knowledge, it is the first comprehensive administrative model for a ReBAC model suitable for general computing systems. The model is illustrated with parts of a sample access control policy for electronic health records in a healthcare network.

AB - Relationship-based access control (ReBAC) originated in the context of social network systems and recently is being generalized to be suitable for general computing systems. This paper defines a ReBAC model, based on Crampton and Sellwood’s RPPM model, designed to be suitable for general computing systems. Our ReBAC model includes a comprehensive administrative model. The administrative model is comprehensive in the sense that it allows and controls changes to all aspects of the ReBAC policy. To the best of our knowledge, it is the first comprehensive administrative model for a ReBAC model suitable for general computing systems. The model is illustrated with parts of a sample access control policy for electronic health records in a healthcare network.

UR - https://www.scopus.com/pages/publications/84950000745

U2 - 10.1007/978-3-319-20810-7_4

DO - 10.1007/978-3-319-20810-7_4

M3 - Conference contribution

AN - SCOPUS:84950000745

SN - 9783319208091

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 53

EP - 68

BT - Data and Applications Security and Privacy XXIX - 29th Annual IFIP WG 11.3 Working Conference, DBSec 2015, Proceedings

A2 - Samarati, Pierangela

PB - Springer Verlag

T2 - 29th IFIP WG 11.3 Working Conference on Data and Applications Security, DBSec 2015

Y2 - 13 July 2015 through 15 July 2015

ER -

Stoller SD. An administrative model for relationship-based access control. In Samarati P, editor, Data and Applications Security and Privacy XXIX - 29th Annual IFIP WG 11.3 Working Conference, DBSec 2015, Proceedings. Springer Verlag. 2015. p. 53-68. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-319-20810-7_4

An administrative model for relationship-based access control

Abstract

Publication series

Conference

Access to Document

Other files and links

Fingerprint

Cite this