A Graphical Framework for the Category-Based Metamodel for Access Control and Obligations

Abstract

We design a graph-based framework for the visualisation and analysis of obligations in access control policies. We consider obligation policies in CBACO, the category-based access control model, which has been shown to subsume many of the most well known access control such as MAC, DAC, RBAC. CBACO is an extension of the CBAC metamodel that deals with obligations. We describe the implementation of the proposed model in PORGY, a strategy driven graph-rewriting tool, based on the theory of port-graphs. CBACO policies allow for dynamic behavior in the modelled systems, which is implemented using the strategy language of PORGY.

0

Turn this paper into a full lesson

ArcXiv compiles a staged curriculum from this paper: 8-12 lessons across beginner → advanced, synthesised section guides, visuals, flashcards, a quiz, exercises, and on-demand deep dives per section. Grounded in the abstract, never invented.

Discussion (0)

Sign in to join the discussion.

Loading comments…