Semantic representation of RTBAC: Relationship-based access control model

Abstract

As Internet expands, many enterprise systems require managing security policies in a distributed environment in order to complement any authorization framework. The extensible Markup Language (XML) allows the system to represent security policy properly in a heterogeneous, distributed environment. In access control model, the security problem exists not only on subject but also on object side too. Moreover, when the system is expanded to ubiquitous computing environment, there are more privacy invasion problems than current Internet services. Proper representation of relationship in access control mechanism can be a solution for privacy invasion problem. In this paper, we develop XML Document Type Definition (DTD) and XML schema for representing the schema of the relationship-based access control model. This model supports object privacy since it introduces a new constraint called relationship between subject and object. It supports more constraints on object's policy than current Role-based Access Control Model (RBAC) does. © Springer-Verlag Berlin Heidelberg 2007.