• x.canAdmin(y, ar, sc) means that x delegates the administrative role ar to entity y, where the delegation constraint sc is used to specify the special constraint on succeeding delegations initiated by y. The default value of sc is “ ”. The predicate canAdmin specifies DoA policies.
• x.canUse(y, sr, sc) means that x delegates the session role sr to entity y, where the delegation constraint sc is used to specify the special constraint on succeeding delegations initiated by y. The default value of sc is “ ”. The predicate canUse specifies DoC policies.
REAL05 also supports user-defined predicates, which can be used to specify application-dependent policies and constraints.
Rules. There are three kinds of rules in REAL05: policy rules, session rules and meta rules. (a) Policy rules are the rules specified according to security requirements; (b) session rules are temporary rules within the context of a specific session. When the session is closed, its session rules are deleted; (c) meta rules are used to describe the general semantics that cannot be expressed by policy rules and session rules.
3.2 Semantics
The semantics of REAL05 is defined by meta rules, as shown in Table 2. Meta-rules
are used to describe rules with general purpose, such as the semantics of relations “
and “⇒” defined in section 2.3.
Table 2. Meta Rules for REAL05 Semantics
[Meta Rules for Role-based Authorization]
?x.canRequest(?y, ?pm) ← ?x.canActivate(?y, dR(?x, ?n)), ?x.canHold(dR(?x, ?n), ?pm).
[Meta Rules for Delegation of Authority]
?x.doa(?y, ?ar, ?sc) ← ?x.canAdmin(?y, ?ar, ?sc'), ?sc ⊃ ?sc'.
?x.doa(?z, aR(?x, ?n), ?sc) ← ?y.canAdmin(?z, aR(?x, ?n), ?sc'), ?sc ⊃ ?sc',
    ?x.doa(?y, aR(?x, ?n), sc({?z}∪?sc.ds, ?sc.dd+1, ?sc.ts)).
?x.isMember(?z, dR(?x, ?n)) ← ?x.canActivate(?z, dR(?x, ?n)).
?x.isMember(?z, dR(?x, ?n)) ← ?y.canActivate(?z,dR(?x, ?n)), ?x.doa(?y, aR(?x, ?n), sc({},0,{?z})).
[Meta Rules for Delegation of Capability]
?x.doc(?y, ?sr, ?sc) ← ?x.canUse(?y, ?sr, ?sc'), ?sc ?sc'.
?x.doc(?z, sR(?x, ?s), ?sc) ← ?y.canUse(?z, sR(?x, ?s), ?sc'), ?sc ⊃ ?sc',
    ?x.doc(?y, sR(?x, ?s), sc({?z}∪?sc.ds, ?sc.dd+1, ?sc.ts)).
?x.allowAccess(?y, ?pm) ← ?x.canRequest(?x, ?pm), doc(?x, ?y, sR(?x, ?s), sc({}, 0, {?x})).
[Meta Rules for Delegation Constraint Computation]
?sc ⊃ ?sc' ← ?sc.ds ⊆ ?sc'.ds, ?sc.dd ≤ ?sc'.dd, ?sc.ts ⊆ ?sc'.ts.
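The delegation-of-authority and isMember meta rules of Table 2, evaluated by backward chaining in Python as an added example (not code from the REAL05 authors). The reading of ds, dd and ts given in the comments, the tuple encoding of aR/dR roles, and the hospital policy are assumptions constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class SC:
    ds: frozenset  # assumed reading: entities allowed as succeeding delegates
    dd: int        # assumed reading: delegation depth
    ts: frozenset  # assumed reading: trust scope (entities that may be enrolled)

def sc(ds=(), dd=0, ts=()):
    return SC(frozenset(ds), dd, frozenset(ts))

def contains(a, b):
    """?sc ⊃ ?sc': each field of a stays within the bound b."""
    return a.ds <= b.ds and a.dd <= b.dd and a.ts <= b.ts

def doa(x, y, ar, c, can_admin):
    """?x.doa(?y, ?ar, ?sc), by backward chaining over canAdmin facts."""
    for (src, dst, role, bound) in can_admin:
        if dst != y or role != ar or not contains(c, bound):
            continue
        if src == x:  # first doa rule: x delegated to y directly
            return True
        # second doa rule: src re-delegated x's own role aR(x, n); record y
        # on the path, add one hop, then ask whether x delegated to src
        longer = sc({y} | c.ds, c.dd + 1, c.ts)
        if ar[:2] == ("aR", x) and doa(x, src, ar, longer, can_admin):
            return True
    return False

def is_member(x, z, n, can_admin, can_activate):
    """?x.isMember(?z, dR(?x, ?n)) per the two isMember meta rules."""
    dr, ar = ("dR", x, n), ("aR", x, n)
    return any(role == dr and who == z and
               (y == x or doa(x, y, ar, sc(ts={z}), can_admin))
               for (y, who, role) in can_activate)

# Constructed sample policy: hospital H owns the role "doctor".
AR, DR = ("aR", "H", "doctor"), ("dR", "H", "doctor")
CAN_ADMIN = [
    ("H", "clinicA", AR, sc({"clinicB"}, 1, {"alice", "bob", "dave"})),
    ("clinicA", "clinicB", AR, sc((), 0, {"bob", "dave"})),  # no further hops
    ("clinicB", "clinicC", AR, sc((), 0, {"dave"})),
]
CAN_ACTIVATE = [
    ("clinicA", "alice", DR), ("clinicB", "bob", DR),
    ("clinicC", "dave", DR), ("clinicA", "carol", DR),
]
```

Every re-delegation step raises dd, and the containment check bounds it by the finite dd of some canAdmin fact, so the recursion terminates even when the canAdmin facts form a cycle.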
REAL05 introduces four semantic predicates in meta rules: isMember, doa, doc and allowAccess, which are delegation-based extensions of predicates canActivate, canAdmin, canUse and canRequest respectively. The predicates doa and doc keep the status of the delegation path within the delegation constraint structure of the last parameter, as shown by rules ③ and ⑦. The rule expresses the semantics for constraint relation “ ”. The predicate “ ” is used to check whether each entity in the left-side parameter belongs to the trust scope specified by the right-side parameter (also see its