Analysis of a relationship based access control model

Abstract

With the advent of online social networks (OSN) and personalized healthcare, relationship-based access control is play- ing an ever important role. People often share sensitive personal information through online social networks (OSNs) to keep in touch with their friends and families. Such sensitive information if leaked inadvertently to third parties may have detrimental effects and sometimes disastrous consequences on the lives of individuals. Access control models are needed that allows controlled sharing of information. Different features of the model may conict with each other. Identifying potential conicts is important as sometimes such conicts are sources of misconfigurations. We propose an access control model for use in OSNs and provide its formal specification. Manually checking the formal specification is tedious and error-prone. Towards this end, we also demonstrate how conicts and potential misconfigurations can be automatically detected using the Alloy Analyzer. We illustrate our approach using policies that are similar in spirit to those in use in existing OSNs.