Relationship-based access control (ReBAC) has been widely studied and applied in the domain of online social networks, and has since been extended to domains beyond social. Using ReBAC itself to manage ReBAC also becomes a natural research frontier, where we have two ReBAC administrative models proposed recently by Rizvi et al. [30] and Stoller [33]. In this paper, we extend these two ReBAC administrative models in order to apply ReBAC beyond online social networks, particularly where edges can have dependencies with each other and authorization for certain administrative operations requires provenance information. Basically, our policy specifications adopt the concepts of enabling precondition and applicability preconditions from Rizvi et al. [30]. Then, we address several issues that need to be considered in order to properly execute operation effects, such as cascading revocation and integrity constraints on the relationship graph. With these extended features, we show that our administrative models can provide the administration capability of the MT-RBAC model originally designed for multi-tenant collaborative cloud systems [34].
CITATION STYLE
Cheng, Y., Bijon, K., & Sandhu, R. (2016). Extended ReBAC Administrative models with cascading revocation and provenance support. In Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT (Vol. 06-08-June-2016, pp. 161–170). Association for Computing Machinery. https://doi.org/10.1145/2914642.2914655