Higher-Order (Temporal) Relationship-Based Access Control
| dc.contributor.advisor | Fong, Philip | |
| dc.contributor.author | Arora, Chahal | |
| dc.contributor.committeemember | Reardon, Joel | |
| dc.contributor.committeemember | Li, Simon | |
| dc.date | 2022-06 | |
| dc.date.accessioned | 2022-02-24T23:11:19Z | |
| dc.date.available | 2022-02-24T23:11:19Z | |
| dc.date.issued | 2022-02 | |
| dc.description.abstract | With the advent of technologies such as the Internet of Things, new type of relationships have emerged between users and devices. These relationships are transient, which means they can be activated and terminated over time. Existing Relationship-Based Access Control (ReBAC) models are not designed for handling such relationships efficiently. In this work, we present a ReBAC model that can incorporate such transient relationships, thus allowing the creation of access control policies that can use the transient nature of relationships to grant authorization. We call this model Higher-Order (Temporal) Relationship-Based Access Control (HO(T)-ReBAC) model. This thesis formalized the HO(T)-ReBAC model and defined a formal policy language for access control policies in HO(T)-ReBAC. We then discussed case studies based on real-world scenarios where HO(T)-ReBAC can be deployed for authorization decisions. After that, we designed and presented an efficient model implementation that can be used for large-scale projects in the real world. We empirically evaluated our implementation of HO(T)-ReBAC using a real-world social graph and the use case we discussed. Our evaluation found our implementation to be efficient for real-world large-scale projects. | en_US |
| dc.identifier.citation | Arora, C. (2022). Higher-order (temporal) relationship-based access control (Master's thesis, University of Calgary, Calgary, Canada). Retrieved from https://prism.ucalgary.ca. | en_US |
| dc.identifier.doi | http://dx.doi.org/10.11575/PRISM/39617 | |
| dc.identifier.uri | http://hdl.handle.net/1880/114433 | |
| dc.language.iso | eng | en_US |
| dc.publisher.faculty | Science | en_US |
| dc.publisher.institution | University of Calgary | en |
| dc.rights | University of Calgary graduate students retain copyright ownership and moral rights for their thesis. You may use this material in any way that is permitted by the Copyright Act or through licensing that has been assigned to the document. For uses that are not allowable under copyright legislation or licensing, you are required to seek permission. | en_US |
| dc.subject | Access Control Model | en_US |
| dc.subject | Relationship-Based Access Control | en_US |
| dc.subject | Transient Relationship | en_US |
| dc.subject | Temporality | en_US |
| dc.subject | Allen Relation | en_US |
| dc.subject | Policy Language | en_US |
| dc.subject | Graph Matching | en_US |
| dc.subject | Graph Database | en_US |
| dc.subject | Constraint Satisfaction Problem | en_US |
| dc.subject.classification | Computer Science | en_US |
| dc.title | Higher-Order (Temporal) Relationship-Based Access Control | en_US |
| dc.type | master thesis | en_US |
| thesis.degree.discipline | Computer Science | en_US |
| thesis.degree.grantor | University of Calgary | en_US |
| thesis.degree.name | Master of Science (MSc) | en_US |
| ucalgary.item.requestcopy | true | en_US |