Abstract
The Transformation Model (TRM) was recently introduced [10] in the literature by Sandhu and Ganta. TRM is based on the concept of transformation of rights. The propagation of access rights in TRM is authorized entirely by existing rights for the object in question. It has been demonstrated in the earlier work that TRM is useful for expressing various kinds of consistency, confidentiality, and integrity controls.
In our previous work [10], a special case of TRM named the Binary Transformation Model (BTRM) was defined. We proved that BTRM is equivalent in expressive power to TRM. This result indicates that it suffices to allow testing for only two cells of the matrix.
In this paper we study the relationship between TRM and the Unary Transformation Model (UTRM). In UTRM, individual commands are restricted to testing for only one cell of the matrix (whereas individual TRM commands can test for multiple cells of the matrix). Contrary to our initial conjecture (of [10]), we found that TRM and UTRM are formally equivalent in terms of expressive power. The implications of this result for safety analysis are also discussed in this paper.
References
[1] Ammann, P.E. and Sandhu, R.S. “Implementing Transaction Control Expressions by Checking for Absence of Access Rights.” Proc. Eighth Annual Computer Security Applications Conference, San Antonio, Texas, December 1992.
[2] Bell, D.E. and LaPadula, L.J. “Secure Computer Systems: Unified Exposition and Multics Interpretation.” MTR-2997, Mitre, Bedford, Massachusetts (1975).
[3] Denning, D.E. “A Lattice Model of Secure Information Flow.” Communications of ACM 19(5):236–243 (1976).
[4] Harrison, M.H., Ruzzo, W.L. and Ullman, J.D. “Protection in Operating Systems.” Communications of ACM 19(8):461–471 (1976).
[5] McLean, J. “A Comment on the ‘Basic Security Theorem’ of Bell and LaPadula.” Information Processing Letters 20(2):67–70 (1985).
[6] McLean, J. “Specifying and Modeling Computer Security.” IEEE Computer 23(1):9–16 (1990).
[7] Sandhu, R.S. “Transformation of Access Rights.” Proc. IEEE Symposium on Security and Privacy, Oakland, California, May 1989, pages 259–268.
[8] Sandhu, R.S. “The Typed Access Matrix Model.” IEEE Symposium on Research in Security and Privacy, Oakland, CA. 1992, pages 122–136.
[9] Sandhu, R.S. and Suri, G.S. “Non-monotonic Transformations of Access Rights.” Proc. IEEE Symposium on Research in Security and Privacy, Oakland, California, May 1992, pages 148–161.
[10] Sandhu, R.S. and Srinivas Ganta. “On the Minimality of Testing for Rights in Transformation Models.” Proc. IEEE Symposium on Research in Security and Privacy, Oakland, California, May 16–18, 1994, pages 230–241.
Copyright information
© 1994 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Sandhu, R.S., Ganta, S. (1994). On the expressive power of the unary transformation model. In: Gollmann, D. (eds) Computer Security — ESORICS 94. ESORICS 1994. Lecture Notes in Computer Science, vol 875. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-58618-0_71
DOI: https://doi.org/10.1007/3-540-58618-0_71
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-58618-0
Online ISBN: 978-3-540-49034-0
eBook Packages: Springer Book Archive