Fong, PhilipArora, Chahal2022-02-242022-02-242022-02Arora, C. (2022). Higher-order (temporal) relationship-based access control (Master's thesis, University of Calgary, Calgary, Canada). Retrieved from https://prism.ucalgary.ca.http://hdl.handle.net/1880/114433With the advent of technologies such as the Internet of Things, new type of relationships have emerged between users and devices. These relationships are transient, which means they can be activated and terminated over time. Existing Relationship-Based Access Control (ReBAC) models are not designed for handling such relationships efficiently. In this work, we present a ReBAC model that can incorporate such transient relationships, thus allowing the creation of access control policies that can use the transient nature of relationships to grant authorization. We call this model Higher-Order (Temporal) Relationship-Based Access Control (HO(T)-ReBAC) model. This thesis formalized the HO(T)-ReBAC model and defined a formal policy language for access control policies in HO(T)-ReBAC. We then discussed case studies based on real-world scenarios where HO(T)-ReBAC can be deployed for authorization decisions. After that, we designed and presented an efficient model implementation that can be used for large-scale projects in the real world. We empirically evaluated our implementation of HO(T)-ReBAC using a real-world social graph and the use case we discussed. Our evaluation found our implementation to be efficient for real-world large-scale projects.engUniversity of Calgary graduate students retain copyright ownership and moral rights for their thesis. You may use this material in any way that is permitted by the Copyright Act or through licensing that has been assigned to the document. For uses that are not allowable under copyright legislation or licensing, you are required to seek permission.Access Control ModelRelationship-Based Access ControlTransient RelationshipTemporalityAllen RelationPolicy LanguageGraph MatchingGraph DatabaseConstraint Satisfaction ProblemComputer Sciencemaster thesis10.11575/PRISM/39617