Digital government security infrastructure design challenges

Computer

Volumn 34, Issue 2, 2001, Pages 66-72

  Joshi, James ^a   Ghafoor, Arif ^b   Aref, Walid G ^c   Spafford, Eugene H ^d  

^a Purdue University   (United States)

^b Och Spine at New York Presbyterian Hospitals   (United States)

^c UNIVERSITY OF MARYLAND   (United States)

^d PURDUE UNIVERSITY   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

DIGITAL GOVERNMENT; DISCRETIONATION ACCESS CONTROL; MANDATORY ACCESS CONTROL; MULTIDOMAIN ENVIRONMENT; SECURITY INFRASTRUCTURE DESIGN;

COMPUTER SIMULATION; COMPUTER SUPPORTED COOPERATIVE WORK; DATA PRIVACY; DATABASE SYSTEMS; DISTRIBUTED COMPUTER SYSTEMS; ELECTRONIC DOCUMENT IDENTIFICATION SYSTEMS; GEOGRAPHIC INFORMATION SYSTEMS; INFORMATION RETRIEVAL; INFORMATION TECHNOLOGY; SECURITY OF DATA; SEMANTICS; SOFTWARE ENGINEERING;

GOVERNMENT DATA PROCESSING;

EID: 0035251598     PISSN: 00189162     EISSN: None     Source Type: Journal    
DOI: 10.1109/2.901169     Document Type: Article

References (13)

1. H. Schorr and S.J. Stolfo, "Towards the Digital Government of the 21st Century," Workshop on Research and Development Opportunities in federal Information Services report, June 1997, http://www.isi.edu/nsf/final.html.
2. E. Bertino, E. Ferrari, and V. Atluri, "The Specification and Enforcement of Authorization Constraints in Workflow Management Systems," ACM Trans. Information and System Security, vol. 2, no. 1, 1999, pp. 65-104.
3. G. Stoneburner, "Information System Security Engineering Principles (ISSEP) - Initial Draft Outline," NIST, 2000, http:// csrc.nist.gov/publications/drafts/epits-draft-0010231.pdf.
4. R.S. Sandhu, "Role Hierarchies and Constraints for Lattice-Based Access Control," Computer Security ESORICS 96, LNCS 1146, Springer Verlag, Berlin, 1996, pp. 65-79.
5. R.S. Sandhu, D. Ferraiolo, and R. Kuhn, "The NIST Model for Role-Based Access Control: Towards A Unified Standard," 5th ACM Workshop on Role-Based Access Control, ACM Press, New York, 2000, pp. 47-60.
6. R.K. Thomas and R.S. Sandhu, "Conceptual Foundations for a Model of Task-Based Authorizations," The Proc. 7th Computer Security Foundation Workshop (CSFW94), IEEE CS Press, Los Alamitos, Calif., June 1994, pp. 66-79.
7. Z. Tari and G. Fernandez, "Security Enforcement in the DOK Federated Database System," Database Security X: Status and Prospects, Chapman and Hall, London, 1997, pp. 23-42.
8. W.E. Kuhnhauser and M.K. Ostrowski, "A Formal Framework to Support Multiple Security Policies," Proc. 7th Canadian Computer Security Symp., Ottawa, Communication Security Establishment Press, 1995, pp. 1-19.
9. L. Gong and X. Qian, "Computational Issues in Secure Interoperation," IEEE Trans. Software Eng., Jan. 1996, pp. 43-52.
10. H.H. Hosmer, "Metapolicies I," ACM SIGSAC Review, 1992, pp. 18-43.
11. Q. He, K. Sycara, and Z. Su, "A Solution to Open Standard of PKI," Proc. 3rd Australian Conf. Information Security and Privacy, ACISP 98, C. Boyd and E. Dawson, eds., Springer, Berlin, July 1998, pp. 99-110.
12. J. Hale, M. Papa, and S. Shenoi, "Programmable Security for Object-Oriented Systems," Proc. Database Security XII: Status and Prospects, Kluwer Academic, Boston, 1998, pp. 109-123.
13. D. Jonscher and K.R. Dittrich, "Argos - A Configurable Access Control System for Interoperable Environments," Proc. 9th Ann. Working Conf. Database Security, Chapman and Hall, London, 1995, pp. 43-60.