Abstract
A formal language to specify general access control policies and their sequences of transformations has been proposed in [1]. The access control policy was specified by a domain description which consisted of a finite set of initial policy propositions, policy transformation propositions and default propositions. Usually, access control models fall into two conventional categories: discretionary access control (DAC) and mandatory access control (MAC). Traditional DAC models basically enumerate all the subjects and objects in a system and regulate access to each object based on the identity of the subject. This approach is best represented by the HRU access control matrix [4]. MAC models, on the other hand, are lattice-based models, in the sense that each subject and object is associated with a sensitivity level which forms a lattice
References
[1] Y. Bai and V. Varadharajan, A Language for Specifying Sequences of Authorization Transformations and Its Applications. Proceedings of the International Conference on Information and Communication Security, vol. 1334, pp. 39–49, November 1997.
[2] E. Bertino, S. Jajodia and P. Samarati, A Non-timestamped Authorization Model for Data Management Systems. Proceedings of the 3rd ACM Conference on Computer and Communications Security, pp. 169–178, 1996.
[3] D. E. Denning, A Lattice Model of Secure Information Flow. Communications of the ACM, vol. 19, no. 5, pp. 236–243, 1976.
[4] M. R. Harrison, W. L. Ruzzo and J. D. Ullman, Protection in Operating Systems. Communications of the ACM, vol. 19, no. 8, pp. 461–671, 1976.
[5] S. Jajodia, P. Samarati and V. S. Subrahmanian, A Logical Language for Expressing Authorizations. Proceedings of IEEE Symposium on Security and Privacy, 1997.
[6] M. J. Nash and K. R. Poland, Some Conundrums Concerning Separation of Duty. Proceedings of IEEE Symposium on Security and Privacy, pp. 201–207, 1990.
[7] R. Reiter, A Logic for Default Reasoning. Artificial Intelligence, 13(1–2): 81–132, 1980.
[8] R. S. Sandhu and S. Ganta, On the Expressive Power of the Unary Transformation Model. Third European Symposium on Research in Computer Security, pp. 301–318, 1994.
[9] T. Y. C. Woo and S. S. Lam, Authorization in Distributed Systems: A Formal Approach. Proceedings of IEEE Symposium on Research in Security and Privacy, pp. 33–50, 1992.
Copyright information
© 1998 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Bai, Y., Varadharajan, V. (1998). A high level language for conventional access control models. In: Boyd, C., Dawson, E. (eds) Information Security and Privacy. ACISP 1998. Lecture Notes in Computer Science, vol 1438. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0053740
DOI: https://doi.org/10.1007/BFb0053740
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-64732-4
Online ISBN: 978-3-540-69101-3
eBook Packages: Springer Book Archive