Caching and Auditing in the RPPM Model
Jason Crampton, James Sellwood
TL;DR
This paper extends the RPPM relationship-based access control model to include caching and separation of duty enforcement, offering significant advantages and broad policy support.
Contribution
It introduces natural and powerful extensions to RPPM for caching and separation of duty, enhancing its efficiency and policy flexibility.
Findings
Caching in RPPM offers greater benefits than in other models.
The extended RPPM supports a wide range of separation of duty policies.
Extensions are natural and enhance the model's capabilities.
Abstract
Crampton and Sellwood recently introduced a variant of relationship-based access control based on the concepts of relationships, paths and principal matching, to which we will refer as the RPPM model. In this paper, we show that the RPPM model can be extended to provide support for caching of authorization decisions and enforcement of separation of duty policies. We show that these extensions are natural and powerful. Indeed, caching provides far greater advantages in RPPM than it does in most other access control models and we are able to support a wide range of separation of duty policies.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsAccess Control and Trust · Cryptography and Data Security · Internet Traffic Analysis and Secure E-voting