Designing role-based access control using formal concept analysis

Authors

  • Ch. Aswani Kumar

    Corresponding author
    • Network and Information Security Division, School of Information Technology and Engineering, VIT University, Vellore, India
    Search for more papers by this author

Dr. Ch. Aswani Kumar, Network and Information Security Division, School of Information Technology and Engineering, VIT University, Vellore – 632014, India.

E-mail: cherukuri@acm.org

ABSTRACT

Role-based access control (RBAC) is one of the most popular and widely deployed access control model. The objective of this paper is to design an RBAC using formal concept analysis, which is based on mathematical lattice and order theory. For this purpose, we derive a dyadic formal context from the triadic security context that represents role-based access permission and perform attribute exploration from formal concept analysis. We demonstrate the proposed method on a health care ad hoc network. The analysis indicates that the proposed method follows the RBAC constraints: static separation of duties and role hierarchy. Copyright © 2012 John Wiley & Sons, Ltd.

Ancillary