Security assurance for an RBAC/MAC security model

IEEE Systems, Man and Cybernetics Society Information Assurance Workshop

Volumn , Issue , 2003, Pages 260-267

  Phillips, C E ^a   Demurjian, S A ^b   Ting, T C ^b  

^a UNITED STATES MILITARY ACADEMY   (United States)

^b UNIVERSITY OF CONNECTICUT   (United States)

Author keywords

Access control; Application software; Data security; Databases; Government; Middleware; Programming profession; Prototypes; Servers; Software prototyping

Indexed keywords

APPLICATION PROGRAMMING INTERFACES (API); APPLICATION PROGRAMS; COMPUTER PROGRAMMING; CYBERNETICS; DATABASE SYSTEMS; MIDDLEWARE; NETWORK SECURITY; SECURITY OF DATA; SECURITY SYSTEMS; SERVERS; SOFTWARE PROTOTYPING;

APPLICATION PROGRAMMER INTERFACES; CLIENT APPLICATIONS; GOVERNMENT; GOVERNMENT AGENCIES; OPERATING SOFTWARE; PROGRAMMING PROFESSION; PROTOTYPES; SECURITY ASSURANCE;

ACCESS CONTROL;

EID: 34247203638     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/SMCSIA.2003.1232431     Document Type: Conference Paper

References (23)

1. th ACM SACMAT, May 2001.
2. rd Annual ISSEA Conf., Mar. 2002.
3. C. Phillips, S. Demurjian, T.C. Ting, "Towards Information Assurance in Dynamic Coalitions", Proc. of 2002 IEEE Info. Assurance Wksp., June 2002.
4. M. Liebrand, et al., "Role Delegation for a Resource-Based Security Model," Data and Applications Security: Developments and Directions II, E. Gudes and S. Shenoi (eds.), Kluwer, 2003.
5. D. Spooner, "The Impact of Inheritance on Security in Object-Oriented Database Systems," Database Security, II: Status and Prospects, Landwehr (ed.), North-Holland, 1989.
6. S. Demurjian and T.C. Ting, "Towards a Definitive Paradigm for Security in Object-Oriented Systems and Applications," J. of Computer Security, 5(4), 1997.
7. R. Sandu, "Role-Based Access Control," Advancements in Computer Science, Vol. 48. Zerkowitz (ed.), Academic Press, 1998.
8. D. Bell and L. LaPadula, "Secure Computer Systems: Mathematical Foundations Model." Mitre Corp., 1975.
9. T. Lunt and D. Hsieh, "The SeaView Secure Database System: A Progress Report," Proc. of 1990 European Symp. on Research in Computer Security, Oct. 1990.
10. E. Bertino, et al., "A Temporal Access Control Mechanism For Database Systems," IEEE Trans. on Knowledge and Data Engineering, 8(1), Feb. 1996.
11. E. Bertino, et al., "The Specification and Enforcement of Authorization Constraints in Workflow Management Systems," ACM Trans. on Info. Systems Security, 2(1), Feb. 1999.
12. W. Essamyr, et al., "Using Role-Templates for Handling Recurring Role Structures," Database Security, XI: Status and Prospects, Lin/Qian (eds.), Chapman Hall, 1998.
13. th ACM Wksp. on RBAC, July 2000.
14. L. Zhang, G. Ahn, B. Chu. "A Rule Based Framework for Role-Based Delegation," Proc. of 6th ACM SACMAT, Fairfax, Virginia, May 2001.
15. Joint Operational Support Center. "GCCS," DISA, 1999.
16. th ACM Wksp. on RBAC, October 1999.
17. th Annual Computer Security Application Conf., Oct. 2000.
18. K. Alford, et al., "Information Assurance Pedagogy," Proc. of IEEE Info. Assurance Wksp., June 2001.
19. nd IEEE Info. Assurance Wksp., June 2001.
20. th National Computer Security Conf., NIST, Oct. 1991.
21. W. Maconachy, et al., "A Model for Information Assurance: An Integrated Approach," Proc. of IEEE Info. Assurance Wksp., June 2001.
22. S. Gavrila, and J. Barkley, Formal Specification For Role Based Access Control User/Role And Role/Role Relationship Management," Proc. of the 3rd ACM Wksp. on RBAC, Oct. 1998.
23. [SSE-CMM] "System Security Engineering Capability Maturity Model, SSE-CMM, Model Description Document," Ver. 2.0, ©1999 by CMU.