Dynamic Modeling for Representing Access Control Policies Effect

Abstract: In large databases, creating user interface for browsing or performing insertion, deletion or modification of data is very costly in terms of programming. In addition, each modification of an access control policy causes many potential and unpredictable side effects which cause rule conflicts or security breaches that affect the corresponding user interfaces as well. While changes to access control policies in databases are inevitable, having a dynamic system that generates interface according to the latest access control policies become increasingly valuable. Lack of such a system leads to unauthorized access to data and eventually violates the privacy of data owners. In this work, we discuss a dynamic interface that applies Role Based Access Control (RBAC) policies as the output of policy analysis and limits the amount of information that users have access according to the policies defined for roles. This interface also shows security administrators the effect of their changes from the user's point of view while minimizing the cost by generating the interface automatically.