A simple model of separation of duty for access control models

This paper proposes a formal model of separation of duty that captures a certain type of separation of duty policies. The model is accessible such that one could easily incorporate it into existing access control models that do not yet have interfaces for creation and enforcement of separation of duty policies. More concretely, we described how our model was incorporated into the Role-based Access Control (RBAC) model to extend its separation of duty capabilities. We showed that this process was straightforward and the changes we have made in the RBAC specification were controlled and mostly additive ones. Moreover we also showed that under our model, one could also reduce the number of permissions that have to be managed in an access control system.