Graph-based access control

Organizations are modeled as a specific kind of semantic graph comprising the organizational units, the roles and functions as well as the human and automatic agents (i.a.

The foundations of GBAC go back to a research project named CoCoSOrg (Configurable Cooperation System) [[1]] (in English language please see[2]) at Bamberg University.

In CoCoSOrg an organization is represented as a semantic graph and a formal language is used to specify agents and their access rights in a workflow environment.

[4] Graph-based access control consists of two building blocks: The organizational graph is divided into a type and an instance level.

[1] In the C-Org-Project it was extended with more sophisticated features like separation of duty or access control in distributed environments.

Organizational Graph in GBAC
Usage of C-Org