The RSL99 language for role-based separation of duty constraints
- 28 October 1999
- proceedings article
- Published by Association for Computing Machinery (ACM)
Abstract
Separation of duty (SOD) is a fundamental technique for the prevention of fraud and errors, known and practiced long before the existence of computers. It is discussed in several places in the literature, but there has been little work on specifying SOD policies in a systematic way. This paper describes a framework for specifying separation of duty and conflict of interest policies in role-based systems. To specify these policies, we need an appropriate language. We propose an intuitive formal language which uses system functions and sets as its basic elements. The semantics of this language is defined by its translation to a restricted form of first-order predicate logic. We show how previously identified SOD properties can be expressed in our language. Moreover, we show that there are other significant SOD properties which have not been previously identified in the literature. Unlike much of the previous work, this paper deals with SOD in the presence of role hierarchies. Our work shows that there are many alternate formulations of even the simplest SOD properties, with varying degrees of flexibility and assurance. Our language provides a rigorous foundation for the systematic study of SOD properties.
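The abstract's point that the same static SOD property has several formulations, and that role hierarchies change what they catch, is illustrated by the following added example; it is not the paper's RSL99 syntax, and the hierarchy, users, and conflicting role set are constructed assumptions:

```python
# Added example (not the paper's RSL99 syntax): static separation of duty
# checked two ways over an RBAC96-style role hierarchy; all data is constructed.
from itertools import combinations

# senior role -> roles it directly inherits (the senior is authorized for them)
HIERARCHY = {"cfo": {"approver", "payer"}, "approver": {"clerk"}, "payer": {"clerk"}}
# direct user-role assignments
ASSIGNMENTS = {"alice": {"approver"}, "bob": {"payer"},
               "carol": {"cfo"}, "dave": {"approver", "payer"}}
# conflicting role sets: a user may be a member of at most one role per set
CONFLICTS = [frozenset({"approver", "payer"})]

def juniors(role, hierarchy=HIERARCHY):
    """Return role together with every role it inherits, transitively."""
    seen, stack = set(), [role]
    while stack:
        r = stack.pop()
        if r not in seen:
            seen.add(r)
            stack.extend(hierarchy.get(r, ()))
    return seen

def roles_of(user, with_hierarchy, assignments=ASSIGNMENTS):
    """Roles a user holds: direct assignments only, or all roles authorized via the hierarchy."""
    direct = assignments.get(user, set())
    if not with_hierarchy:
        return set(direct)
    return set().union(*(juniors(r) for r in direct))

def ssod_violations(with_hierarchy, assignments=ASSIGNMENTS, conflicts=CONFLICTS):
    """Map each violating user to the sorted list of conflicting role pairs they hold."""
    found = {}
    for user in assignments:
        held = roles_of(user, with_hierarchy, assignments)
        pairs = sorted(p for cs in conflicts
                       for p in combinations(sorted(cs), 2) if set(p) <= held)
        if pairs:
            found[user] = pairs
    return found

if __name__ == "__main__":
    # The direct-assignment formulation misses carol, whose senior role
    # authorizes both conflicting roles through the hierarchy.
    print("direct assignment:", ssod_violations(False))  # only dave
    print("via hierarchy:    ", ssod_violations(True))   # carol and dave
```

The hierarchy-aware formulation also exposes that the hierarchy itself is inconsistent with the constraint: any user given the senior role is a violation before any duty is exercised.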