Welcome to the InfoSci Platform
An Integrated Approach for the Enforcement of Contextual Permissions and Pre-Obligations

An Integrated Approach for the Enforcement of Contextual Permissions and Pre-Obligations

Yehia Elrakaiby, Frédéric Cuppens, Nora Cuppens-Boulahia
Copyright: © 2013 |Pages: 20
ISBN13: 9781466621633|ISBN10: 146662163X|EISBN13: 9781466621640
DOI: 10.4018/978-1-4666-2163-3.ch007
Cite Chapter Cite Chapter

MLA

Elrakaiby, Yehia, et al. "An Integrated Approach for the Enforcement of Contextual Permissions and Pre-Obligations." Contemporary Challenges and Solutions for Mobile and Multimedia Technologies, edited by Ismail Khalil and Edgar Weippl, IGI Global, 2013, pp. 107-126. https://doi.org/10.4018/978-1-4666-2163-3.ch007

APA

Elrakaiby, Y., Cuppens, F., & Cuppens-Boulahia, N. (2013). An Integrated Approach for the Enforcement of Contextual Permissions and Pre-Obligations. In I. Khalil & E. Weippl (Eds.), Contemporary Challenges and Solutions for Mobile and Multimedia Technologies (pp. 107-126). IGI Global. https://doi.org/10.4018/978-1-4666-2163-3.ch007

Chicago

Elrakaiby, Yehia, Frédéric Cuppens, and Nora Cuppens-Boulahia. "An Integrated Approach for the Enforcement of Contextual Permissions and Pre-Obligations." In Contemporary Challenges and Solutions for Mobile and Multimedia Technologies, edited by Ismail Khalil and Edgar Weippl, 107-126. Hershey, PA: IGI Global, 2013. https://doi.org/10.4018/978-1-4666-2163-3.ch007

Export Reference

Mendeley
Favorite

Abstract

Pre-obligations denote actions that may be required before access is granted. The successful fulfillment of pre-obligations leads to the authorization of the requested access. Pre-obligations enable a more flexible enforcement of authorization policies. This paper formalizes interactions between the obligation and authorization policy states when pre-obligations are supported and investigates their use in a practical scenario. The main advantage of the presented approach is that it gives pre-obligations both declarative semantics using predicate logic and operational semantics using Event-Condition-Action (ECA) rules. Furthermore, the presented framework enables policy designers to easily choose to evaluate any pre-obligation either (1) statically (an access request is denied if the pre-obligation has not been fulfilled); or (2) dynamically (users are given the possibility to fulfill the pre-obligation after the access request and before access is authorized).

Request Access

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.