Caching and Auditing in the RPPM Model

Jason Crampton; James Sellwood

doi:10.1007/978-3-319-11851-2_4

Caching and Auditing in the RPPM Model

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Crampton and Sellwood recently introduced a variant of relationship-based access control based on the concepts of relationships, paths and principal matching, to which we will refer as the RPPM model. In this paper, we show that the RPPM model can be extended to provide support for caching of authorization decisions and enforcement of separation of duty policies. We show that these extensions are natural and powerful. Indeed, caching provides far greater advantages in RPPM than it does in most other access control models and we are able to support a wide range of separation of duty policies.

Original language	English
Title of host publication	Security and Trust Management - 10th International Workshop
Publisher	Springer
Pages	49-64
Number of pages	16
ISBN (Electronic)	978-3-319-11851-2
ISBN (Print)	978-3-319-11850-5
DOIs	https://doi.org/10.1007/978-3-319-11851-2_4
Publication status	Published - 2014

Publication series

Name	Lecture Notes in Computer Science
Volume	8743

Access to Document

10.1007/978-3-319-11851-2_4

Cite this

@inproceedings{a42dbe6cd704419aaf791d9016659c65,

title = "Caching and Auditing in the RPPM Model",

abstract = "Crampton and Sellwood recently introduced a variant of relationship-based access control based on the concepts of relationships, paths and principal matching, to which we will refer as the RPPM model. In this paper, we show that the RPPM model can be extended to provide support for caching of authorization decisions and enforcement of separation of duty policies. We show that these extensions are natural and powerful. Indeed, caching provides far greater advantages in RPPM than it does in most other access control models and we are able to support a wide range of separation of duty policies.",

author = "Jason Crampton and James Sellwood",

year = "2014",

doi = "10.1007/978-3-319-11851-2_4",

language = "English",

isbn = "978-3-319-11850-5",

series = "Lecture Notes in Computer Science",

publisher = "Springer",

pages = "49--64",

booktitle = "Security and Trust Management - 10th International Workshop",

}

TY - GEN

T1 - Caching and Auditing in the RPPM Model

AU - Crampton, Jason

AU - Sellwood, James

PY - 2014

Y1 - 2014

N2 - Crampton and Sellwood recently introduced a variant of relationship-based access control based on the concepts of relationships, paths and principal matching, to which we will refer as the RPPM model. In this paper, we show that the RPPM model can be extended to provide support for caching of authorization decisions and enforcement of separation of duty policies. We show that these extensions are natural and powerful. Indeed, caching provides far greater advantages in RPPM than it does in most other access control models and we are able to support a wide range of separation of duty policies.

AB - Crampton and Sellwood recently introduced a variant of relationship-based access control based on the concepts of relationships, paths and principal matching, to which we will refer as the RPPM model. In this paper, we show that the RPPM model can be extended to provide support for caching of authorization decisions and enforcement of separation of duty policies. We show that these extensions are natural and powerful. Indeed, caching provides far greater advantages in RPPM than it does in most other access control models and we are able to support a wide range of separation of duty policies.

U2 - 10.1007/978-3-319-11851-2_4

DO - 10.1007/978-3-319-11851-2_4

M3 - Conference contribution

SN - 978-3-319-11850-5

T3 - Lecture Notes in Computer Science

SP - 49

EP - 64

BT - Security and Trust Management - 10th International Workshop

PB - Springer

ER -