Towards an approach for weaving Open Digital Rights Language into Role-Based Access Control

Document Type

Conference Proceeding

Source of Publication

2023 International Conference on IT Innovation and Knowledge Discovery (ITIKD)

Publication Date

3-9-2023

Abstract

Establishing an adequate and flexible access control over assets in an organization is one of the main pillars of a successful information and technology security-strategy. To ensure efficient use of these assets in terms of availability, safety, and confidentiality, organizations roll out different strategies and adopt different techniques. These strategies and techniques could be based on roles to set access controls (Role-Based Access Control). Despite its popularity, there is an increasing interest in addressing RBAC's limitations with focus on how to enforce an adequate level of access control over the available resources and how to define a flexible control over these resources so that accessibility and authenticity are achieved at the right time and right place. This paper addresses some of these limitations by adopting the Open Digital Rights Language (ODRL) to express who can do what, where, when, and how. ODRL is a policy language that offers flexible control over digital content. By weaving ODRL into RBAC, this paper illustrates how to specify what users are allowed, not allowed, and must be allowed to do through a set of constrained rules specialized into permissions, prohibitions, and duties.

ISBN

978-1-6654-6372-0

Publisher

IEEE

Volume

00

First Page

1

Last Page

6

Disciplines

Computer Sciences

Keywords

Access control, Technological innovation, Organizations, Knowledge discovery, Weaving, Safety

Indexed in Scopus

no

Open Access

no

Link to Full Text

Share

COinS