ReBAC2015: Interoperability of Relationship- and Role-Based Access Control

Simple item page
atmire.migration.oldid3554
dc.contributor.advisorFong, Philip
dc.contributor.authorRizvi, Syed Zain
dc.date.accessioned2015-09-16T22:14:58Z
dc.date.embargolift2016-09-15T22:14:58Z
dc.date.issued2015-09-16
dc.date.submitted2015en
dc.description.abstractRelationship-Based Access Control (ReBAC) is a general-purpose access control paradigm for application domains in which authorization must take into account the relationship between the access requestor and the resource owner. This thesis presents an evolution of Fong's ReBAC model in two steps. First, I formalize and extend the first time implementation of ReBAC into a production-scale medical records system, OpenMRS. This extension incorporates sophisticated authorization schemes recently proposed in the literature, as well as a performance evaluation of these schemes. Second, the model is further extended to incorporate the notion of demarcations and authorization-time constraints. These extensions allow ReBAC to interoperate with legacy Role-Based Access Control at a fine-grained level, and significantly increase the expressiveness of the model. Also presented are the design of two authorization procedures (one of which has an algorithmic structure akin to an SMT solver) along with optimization techniques.en_US
dc.description.embargoterms12 monthsen_US
dc.identifier.citationRizvi, S. Z. (2015). ReBAC2015: Interoperability of Relationship- and Role-Based Access Control (Master's thesis, University of Calgary, Calgary, Canada). Retrieved from https://prism.ucalgary.ca. doi:10.11575/PRISM/27553en_US
dc.identifier.doihttp://dx.doi.org/10.11575/PRISM/27553
dc.identifier.urihttp://hdl.handle.net/11023/2459
dc.language.isoeng
dc.publisher.facultyGraduate Studies
dc.publisher.institutionUniversity of Calgaryen
dc.publisher.placeCalgaryen
dc.rightsUniversity of Calgary graduate students retain copyright ownership and moral rights for their thesis. You may use this material in any way that is permitted by the Copyright Act or through licensing that has been assigned to the document. For uses that are not allowable under copyright legislation or licensing, you are required to seek permission.
dc.subjectComputer Science
dc.subject.classificationAccess Controlen_US
dc.subject.classificationrelationship predicateen_US
dc.subject.classificationprotection stateen_US
dc.subject.classificationaccess control modelen_US
dc.subject.classificationauthorization principalen_US
dc.subject.classificationrelationship based access controlen_US
dc.subject.classificationauthorization procedureen_US
dc.subject.classificationlazy evaluationen_US
dc.subject.classificationrole based access controlen_US
dc.subject.classificationdemarcation hierarchyen_US
dc.subject.classificationlazy authorization procedureen_US
dc.subject.classificationauthorization graphen_US
dc.subject.classificationpapr constrainten_US
dc.subject.classificationstrict grant semanticen_US
dc.subject.classificationhybrid logic formulaen_US
dc.subject.classificationhybrid logicen_US
dc.subject.classificationrebac modelen_US
dc.subject.classificationeager evaluationen_US
dc.subject.classificationmeap constrainten_US
dc.subject.classificationpredicate value cachingen_US
dc.subject.classificationprivilege requirementen_US
dc.subject.classificationLanguage Policyen_US
dc.subject.classificationauthorization decisionen_US
dc.subject.classificationmodel checkingen_US
dc.subject.classificationopen source medical record systemen_US
dc.subject.classificationaccess control policyen_US
dc.subject.classificationSocial Networken_US
dc.subject.classificationReBAC2015en_US
dc.titleReBAC2015: Interoperability of Relationship- and Role-Based Access Control
dc.typemaster thesis
thesis.degree.disciplineComputer Science
thesis.degree.grantorUniversity of Calgary
thesis.degree.nameMaster of Science (MSc)
ucalgary.item.requestcopytrue
Files
License bundle
Now showing 1 - 1 of 1
No Thumbnail Available
Name:
license.txt
Size:
2.65 KB
Format:
Item-specific license agreed upon to submission
Description:
Download
Collections
Open Theses and Dissertations