[go: up one dir, main page]
More Web Proxy on the site http://driver.im/ skip to main content
article

Authorisation and antichains

Published: 01 July 2001 Publication History

Abstract

We present a summary of our recent work on partial orders and their application to access control modelling. In particular, we introduce a framework for separation of duty policies and a new access control model. We briefly discuss a special case of this model, HSS RBAC, which is our variation of a role-based access control model.

References

[1]
{1} AHN, G.-J., AND SANDHU, R. Role-based authorization constraints specification. ACM Transactions on Information and System Security 3, 4 (2000).
[2]
{2} BELL, D., AND LAPADULA, L. Secure computer systems: Mathematical foundations. Tech. Rep. MTR-2547, Volume I, Mitre Corporation, 1973.
[3]
{3} BELL, D., AND LAPADULA, L. Secure computer systems: A mathematical model. Tech. Rep. MTR-2547, Volume II, Mitre Corporation, 1973.
[4]
{4} BRUALDI, R. Introductory Combinatorics. Prentice Hall, New Jersey, 1999.
[5]
{5} CRAMPTON, J., AND LOIZOU, G. The structural complexity of conflict of interest policies. In preparation.
[6]
{6} CRAMPTON, J., AND LOIZOU, G. Hierarchical secure systems: A preliminary description. Tech. Rep. BBKCS-00-18, Birkbeck College, University of London, 2000.
[7]
{7} CRAMPTON, J., AND LOIZOU, G. Two partial orders on the set of antichains. Tech. Rep. BBKCS-00-05, Birkbeck College, University of London, 2000.
[8]
{8} CRAMPTON, J., AND LOIZOU, G. The completion of a poset in a lattice of antichains. International Mathematical Journal (2001). Accepted for publication.
[9]
{9} CRAMPTON, J., LOIZOU, G., AND O'SHEA, G. Evaluating access control. Submitted (1999).
[10]
{10} CRAMPTON, J., LOIZOU, G., AND O'SHEA, G. A logic of access control. The Computer Journal 44, 1 (2001). To appear.
[11]
{11} GAVRILA, S., AND BARKLEY, J. Formal specification for role based access control user/role and role/role relationship management. In Proceedings of Third ACM Workshop on Role-Based Access Control (Fairfax, Virginia, 1998), pp. 81-90.
[12]
{12} HARRISON, M., RUZZO, W., AND ULLMAN, J. Protection in operating systems. Communications of the ACM 19, 8 (1976), 461-471.
[13]
{13} LAMPSON, B. Protection. ACM Operating Systems Review 8 (1974), 437-443.
[14]
{14} LLOYD, J. Foundations of Logic Programming. Springer-Verlag, London, 1984.
[15]
{15} O'SHEA, G. Access Control in Operating Systems. PhD thesis, Birkbeck College, University of London, 1997.
[16]
{16} SANDHU, R. The typed access matrix model. In Proceedings of IEEE Symposium on Security and Privacy (1992), IEEE, pp. 122-136.
[17]
{17} SANDHU, R., BHAMIDIPATI, V., AND MUNAWER, Q. The ARBAC97 model for role-based administration of roles. ACM Transactions on Information and System Security 1, 2 (1999), 105-135.
[18]
{18} SANDHU, R., COYNE, E., FEINSTEIN, H., AND YOUMAN, C. Role-based access control models. IEEE Computer 29, 2 (1996), 38-47.
[19]
{19} SANDHU, R., FERRAIOLO, D., AND KUHN, D. The NIST model for role-based access control: Towards a unified standard. In Proceedings of the 5th ACM Workshop on Role-Based Access Control (Phoenix, Arizona, USA, 2000). http://www.acm.org/sigsac/nist.pdf.
[20]
{20} SPERNER, E. Ein Satz über Untermengen einer endlichen Menge. Mathematische Zeitschrift 27 (1928), 544-548.

Cited By

View all
  • (2015)Representation of multiple domain role based access control using FCA2015 IEEE International Conference on Electrical, Computer and Communication Technologies (ICECCT)10.1109/ICECCT.2015.7226062(1-6)Online publication date: Mar-2015
  • (2012)Designing role-based access control using formal concept analysisSecurity and Communication Networks10.1002/sec.5896:3(373-383)Online publication date: 27-Jun-2012

Recommendations

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM SIGOPS Operating Systems Review
ACM SIGOPS Operating Systems Review  Volume 35, Issue 3
July 1 2001
66 pages
ISSN:0163-5980
DOI:10.1145/383237
Issue’s Table of Contents

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 01 July 2001
Published in SIGOPS Volume 35, Issue 3

Check for updates

Qualifiers

  • Article

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)1
  • Downloads (Last 6 weeks)0
Reflects downloads up to 11 Dec 2024

Other Metrics

Citations

Cited By

View all
  • (2015)Representation of multiple domain role based access control using FCA2015 IEEE International Conference on Electrical, Computer and Communication Technologies (ICECCT)10.1109/ICECCT.2015.7226062(1-6)Online publication date: Mar-2015
  • (2012)Designing role-based access control using formal concept analysisSecurity and Communication Networks10.1002/sec.5896:3(373-383)Online publication date: 27-Jun-2012

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Media

Figures

Other

Tables

Share

Share

Share this Publication link

Share on social media