Resiliency policies in access control

Proceedings of the ACM Conference on Computer and Communications Security

Volumn , Issue , 2006, Pages 113-123

  Li, Ninghui ^a   Tripunitara, Mahesh V ^b   Wang, Qihua ^a  

^a PURDUE UNIVERSITY   (United States)

^b MOTOROLA INC   (United States)

Author keywords

Access control; Fault tolerant; Policy design

Indexed keywords

EMERGENCY SITUATIONS; POLICY DESIGN; RESILIENCY POLICY;

FAULT TOLERANT COMPUTER SYSTEMS; HIERARCHICAL SYSTEMS; INFORMATION MANAGEMENT; POLYNOMIAL APPROXIMATION; PROBLEM SOLVING; USER INTERFACES;

ACCESS CONTROL;

EID: 34547319005     PISSN: 15437221     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1180405.1180421     Document Type: Conference Paper

References (27)

1. G.-J. Ahn and R. S. Sandhu. Role-based authorization constraints specification. ACM Transactions on Information and System Security, 3(4):207-226, Nov. 2000.
2. D. D. Clark and D. R. Wilson. A comparision of commercial and military computer security policies. In Proceedings of the, 1987 IEEE Symposium on Security and Privacy, pages 184-194. IEEE Computer Society Press, May 1987.
3. J. Crampton. Specifying and enforcing constraints in role-based access control. In Proceedings of the Eighth ACM Symposium on Access Control Models and Technologies (SACMAT 2003), pages 43-50, Como, Italy, June 2003.
4. Daniel Le Berre (project leader). SAT4J: A satisfiability library for Java. URL http://www.sat4j.org/, Jan. 2006.
5. D. Du, J. Gu, and P. M. Pardalos, editors. Satisfiability Problem: Theory and Applications, volume 35 of DIMACS Series in Discrete Mathematics and Theoretical Computer Science. AMS Press, 1997.
6. M. R. Garey and D. J. Johnson. Computers And Intractability: A Guide to the Theory of NP-Completeness. W.H. Freeman and Company, 1979.
7. V. D. Gligor, S. I. Gavrila, and D. F. Ferraiolo. On the formal definition of separation-of-duty policies and their composition. In Proceedings of IEEE Symposium on Research in Security and Privacy, pages 172-183, May 1998.
8. G. S. Graham and P. J. Denning. Protection - principles and practice. In Proceedings of the AFIPS Spring Joint Computer Conference, volume 40, pages 417-429. AFIPS Press, May 16-18 1972.
9. M. A. Harrison, W. L. Ruzzo, and J. D. Ullman. Protection in operating systems. Communications of the ACM, 19(8):461-471, Aug. 1976.
10. T. Jaeger and J. E. Tidswell. Practical safety in flexible access control models. ACM Transactions on Information and System Security, 4(2): 158-190, May 2001.
11. M. Koch, L. V. Mancini, and F. Parisi-Presicce. Decidability of safety in graph-based models for access control. In Proceedings of the Seventh European Symposium on Research in Computer Security (ESORICS 2002), pages 229-243. Springer, Oct. 2002.
12. M. Koch, L. V. Mancini, and F. Parisi-Presicce. A graph-based formalism for RBAC. ACM Transactions on Information and System Security, 5(3):332-365, Aug. 2002.
13. B. W. Lampson. Protection. In Proceedings of the 5th Princeton Conference on Information Sciences and Systems, 1971. Reprinted in ACM Operating Systems Review, 8(1):18-24, Jan 1974.
14. N. Li, Z. Bizri, and M. V. Tripunitara. On mutually-exclusive roles and separation of duty. In Proceedings of the 11th ACM Conference on Computer and Communications Security (CCS-11), pages 42-51. ACM Press, Oct. 2004.
15. N. Li, J. C. Mitchell, and W. H. Winsborough. Beyond proof-of-compliance: Security analysis in trust management. Journal of the ACM, 52(3):474-514, May 2005.
16. Preliminary version appeared in Proceedings of 2003 IEEE Symposium on Security and Privacy.
17. N. Li and M. V. Tripunitara. Security analysis in role-based access control. In Proceedings of the Ninth ACM Symposium on Access Control Models and Technologies (SACMAT 2004), pages 126-135, June 2004.
18. R. J. Lipton and L. Snyder. A linear time algorithm for deciding subject security. Journal of the ACM, 24(3):455-464, 1977.
19. M. J. Nash and K. R. Poland. Some conundrums concerning separation of duty. In Proceedings of IEEE Symposium on Research in Security and Privacy, pages 201-209, May 1990.
20. C. H. Papadimitriou. Computational Complexity. Addison Wesley Longman, 1994.
21. J. H. Saltzer and M. D. Schroeder. The protection of information in computer systems. Proceedings of the IEEE, 63(9): 1278-1308, September 1975.
22. R. Sandhu. Separation of duties in computerized information systems. In Proceedings of the IFIP WG11.3 Workshop on Database Security, Sept. 1990.
23. R. S. Sandhu. The schematic protection model: Its definition and analysis for acyclic attenuating systems. Journal of the ACM, 35(2):404-432, 1988.
24. R. S. Sandhu. Transaction control expressions for separation of duties. In Proceedings of the Fourth Annual Computer Security Applications Conference (ACSAC'88), Dec. 1988.
25. R. S. Sandhu. The typed access matrix model. In Proceedings of the 1992 IEEE Symposium on Security and Privacy, pages 122-136. IEEE Computer Society Press, May 1992.
26. R. S. Sandhu, E. J. Coyne, H. L. Feinstein, and C. E. Youman. Role-based access control models. IEEE Computer, 29(2):38-47, February 1996.
27. T. T. Simon and M. E. Zurko. Separation of duty in role-based environments. In Proceedings of The 10th Computer Security Foundations Worhhop, pages 183-194. IEEE Computer Society Press, June 1997.