Abstract
In existing access control systems, it is assumed that access control authorisation rules are defined on elementary actions and over concrete objects. This assumption does not hold in general. This paper proposes a slight extension of access control models where both elementary and non-elementary actions can be represented. A non-elementary action, called a plan, is a sequence of elementary actions, to be applied on objects, in order to achieve some task. We propose to represent a plan, denoted by P, as a partial pre-order over a subset of A x O where A is a set of elementary actions and O is a set of objects. We show how to derive explicit prohibitions in the presence of authorisation rules over plans.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
