Composing and combining policies under the policy machine

Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT

Volumn , Issue , 2005, Pages 11-20

  Ferraiolo, David F ^a   Gavrila, Serban ^a   Hu, Vincent ^a   Kuhn, D Richard ^a  

^a NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY   (United States)

Author keywords

Access control; Multi level security; Role based access control; Separation of duty

Indexed keywords

ACCESS CONTROL; MULTI-LEVEL SECURITY; ROLE BASED ACCESS CONTROL; SEPARATION OF DUTY;

COMPUTER NETWORKS; COMPUTER OPERATING SYSTEMS; PROJECT MANAGEMENT; SECURITY OF DATA;

PUBLIC POLICY;

EID: 30644479584     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1063979.1063982     Document Type: Conference Paper

References (14)

1. National Commission on Terrorist Attacks Upon the United States. The 9/ 11 Commission Report, 2004.
2. Anderson, J.P., Computer Security Technology Planning Study, Tech Report ESD-TR-73-51, US Air Force Electronic Systems Div., Hanscom AFB, 1972.
3. B. Lampson. Protection. ACM Operating Sys. Reviews, 8, 1 (1974), 18-24.
4. Jerome H. Saltzer and Michael D. Schroeder. The protection of information in computer systems. Proc. IEEE, 63, 9 (September 1975), 1278-1308.
5. ANSI INCITS 359-2004, Role-Based Access Control.
6. D. Bell and La Padula. Secure computer systems: unified exposition and MULTICS. Report ESD-TR-75-306, The MITRE Corporation, Bedford, Massachusetts, March 1976.
7. Peter A. Loscocco, and Stephen P. Smalley. Meeting Critical Security Objectives with Security Enhanced Linux, Proc. 2001 Ottowa Linux Symposium, 2001.
8. D.F. Ferraiolo, J. Barkley, D.R. Kuhn, A Role Based Access Control Model and Reference Implementation within a Corporate Intranet, ACM Transactions on Information Systems Security, 1, 2 (February 1999), 34-64.
9. K. J. Biba. Integrity Considerations for Secure Computer Systems. Technical Report ESD-TR-76-372, USAF Electronic Systems Division, Hanscom Air Force Base, Bedford, Massachusetts, (April 1977).
10. G. Saunders. Role-Based Access Control and the Access Control Matrix. ACM SIGOPS Operating System and Review, 35, 4 (2001), 6-20.
11. L. Badger, et al. A Domain and Type Enforcement Prototype. Computing Systems, 9, 1 (1996), 47-83.
12. R. Sandhu, E. Coyne, H. Feinstein, and C. Youman. Role-Based Access Control Models, IEEE Computer, 29, 2 (Feb. 1996), 38-47.
13. S. Osborn, R. Sandhu, and Q. Munawer. Configuring Role-Based Access Control to Enforce Mandatory and Discretionary Access Control Policies, ACM Transactions on Information and Systems Security, 3, 2 (May 2002), 85-106.
14. S. Jajodia, S. Pierangela, M. L. Sapino, V. S. Sabrahmanian. Flexible Support for Multiple Access Control Policies, ACM Transactions on Database Systems, 26, 2 (June 2001), 214-260.