Koch et al.

The framework formalizes RBAC using graph transformations, giving an intuitive description of graph manipulation in information systems access control. It also specifies static and dynamic consistency conditions on graphs and graph transformations. The formalism captures RBAC models published in the literature and allows uniform treatment of user and administrative roles, as well as detailed analysis of administrative role decentralization.