سال انتشار: ۱۳۸۶
محل انتشار: چهارمین کنفرانس انجمن رمز ایران
تعداد صفحات: ۱۰
Sama Goliaei – Department of Computer Engineering Sharif University of Technology, Tehran, Iran
Rasool Jalili – Department of Computer Engineering Sharif University of Technology, Tehran, Iran
In this paper, a certificate based access control model named CB2AC and its policy description language is provided. This model has a service-oriented perspective to the systems and combines access control mechanisms with regular systems workflow. In this paper, a policy description language associated with the proposed model is also provided. The model and its language use different certificate types with a hierarchical structure to achieve high expressiveness, flexibility, and simplicity. They have the capability to describe a variety of policies, including those policies with unknown number of required certificates. As evidence of the model generality and power, RBAC3 is constructed in this paper using the proposed model and its policy description language.