Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Formal Specification for Role Based Access Control User/Role and Role/Role Relationship Management

Published

Author(s)

Serban I. Gavrila, John Barkley

Abstract

Role Based Access Control (RBAC), an access control mechanism, reduces the cost of administering access control policies as well as making the process less error-prone. The Admin Tool developed for the NIST RBAC Model manages user/role and role/role relationships stored in the RBAC Database. This paper presents a formal specification of the RBAC Database and Admin Tool operations. Consistency requirements for the RBAC Database are defined as a set of properties. Alternative properties, substantially simpler to verify in an implementation, are shown to be equivalent. In addition, the paper defines the semantics of Admin Tool operations, and shows that, given a consistent RBAC Database and an operation which meets specified conditions, the RBAC Database remains consistent after the operation is performed.
Proceedings Title
Proceedings of the 3rd ACM Workshop on Role-Based Access Control (RBAC '98)
Conference Dates
October 22-23, 1998
Conference Location
Fairfax, VA
Conference Title
3rd ACM Workshop on Role-Based Access Control (RBAC '98)

Keywords

computer security, database consistency, RBAC, Role-Based Access Control, role hierarchy, separation of duty

Citation

Gavrila, S. and Barkley, J. (1998), Formal Specification for Role Based Access Control User/Role and Role/Role Relationship Management, Proceedings of the 3rd ACM Workshop on Role-Based Access Control (RBAC '98), Fairfax, VA, [online], https://doi.org/10.1145/286884.286902 (Accessed March 29, 2024)
Created October 1, 1998, Updated November 10, 2018