A layered design of discretionary access controls with decidable safety properties

Proceedings - IEEE Symposium on Security and Privacy

Volumn 2004, Issue , 2004, Pages 56-67

  Solworth, Jon A ^a   Sloan, Robert H ^a  

^a 1120 Science and Engineering Offices   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

ACCESS CONTROL MODELS; DISCRETIONARY ACCESS CONTROLS (DAC); PARAMETERIZATION; PROTECTION SEMANTICS;

ALGORITHMS; COMPUTATIONAL COMPLEXITY; COMPUTER OPERATING SYSTEMS; COMPUTER PROGRAMMING LANGUAGES; MATHEMATICAL MODELS; SECURITY OF DATA; SEMANTICS; SET THEORY;

COMPUTER SCIENCE;

EID: 3543115068     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/SECPRI.2004.1301315     Document Type: Conference Paper

References (24)

1. J. P. Anderson. Computer security technology planning study. Technical Report ESD-TR-73-51, AFSC, Hanscom AFB, Bedford, MA, Oct. 1972. AD-758 206, ESD/AFSC.
2. D. E. Bell and L. J. LaPadula. Secure computer systems: Mathematical foundations and model. Technical Report M74-244, Mitre Corporation, Bedford MA, 1973.
3. W. E. Boebert and R. Kain. A practical alternative to hierarchical integrity policies. In 8th National Computer Security Conference, pages 18-27, Gaithersburg, MD, 1985.
4. D. F. C. Brewer and M. J. Nash. The Chinese Wall security policy. In IEEE Symposium on Security and Privacy, pages 206-214, 1989.
5. J. Crampton. Authorizations and Antichians. PhD thesis, Birkbeck College, Univ. of London, UK, 2002.
6. D. E. Denning. A lattice model of secure information flow. Communications of the ACM, 19(5):236-243, 1976.
7. D. F. Ferraiolo and R. Kuhn. Role based access control. In 15th National Computer Security Conference, pages 554-563, Baltimore, MD, Oct. 1992.
8. M. A. Harrison, W. L. Ruzzo, and J. D. Ullman. Protection in operating systems. Communications of the ACM, 19(8):461-471, Aug. 1976.
9. T. Jaeger and J. E. Tidswell. Practical safety in flexible access control models. ACM Transactions on Information and System Security (TISSEC), 4(2):158-190, 2001.
10. A. K. Jones, R. J. Lipton, and L. Snyder. A linear time algorithm for deciding security. In Proc. 17th Annual Symp. on Foundations of Computer Science, pages 33-41, 1976.
11. Koch, Mancini, and Parisi-Presicce. Decidability of safety in graph-based models for access control. In ESORICS: European Symposium on Research in Computer Security, pages 229-243. LNCS, Springer-Verlag, 2002.
12. M. Koch, L. V. Mancini, and F. Parisi-Presicce. A graph-based formalism for RBAC. ACM Transactions on Information and System Security (TISSEC), 5(3):332-365, 2002.
13. B. Lampson. Protection. In ACM Operating Systems Review, volume 8, pages 18-24. ACM, 1974.
14. Q. Munawer and R. Sandhu. Simulation of the augmented typed access matrix model (ATAM) using roles. In INFOS-ECU99: International Conference on Information Security, 1999.
15. R. O'Brien and C. Rogers. Developing applications on LOCK. In Proc. 14th NIST-NCSC National Computer Security Conference, pages 147-156, 1991.
16. S. Osborn, R. Sandhu, and Q. Munawer. Configuring role-based access control to enforce mandatory and discretionary access control policies. ACM Transactions on Information and Systems Security, 3(2):85-106, May 2000.
17. R. Sandhu, V. Bhamidipati, and Q. Munawer. The ARBAC97 model for role-based administration of roles. ACM Transactions on Information and System Security, 2(1):105-135, 1999.
18. R. S. Sandhu. The typed access matrix model. In Proceedings of the IEEE Symposium on Security and Privacy, pages 122-136, 1992.
19. R. S. Sandhu, E. J. Coyne, H. L. Feinstein, and C. E. Youman. Role-based access control models. IEEE Computer, 29(2):38-47, 1996.
20. L. Snyder. Formal models of capability-based protection systems. IEEE Trans. Comput., C-30(3):172-181, Mar. 1981.
21. M. Soshi. Safety analysis of the dynamic-typed access matrix model. In F. Cuppens, Y. Deswarte, D. Gollmann, and M. Waidner, editors, 6th European Symposium on Research in Computer Security (ESORICS 2000), volume 1895 of Lecture Notes in Computer Science, pages 106-121, Toulouse, France, 2000. Springer-Verlag.
22. J. Tidswell and T. Jaeger. An access control model for simplifying constraint expression. In S. Jajodia and P. Samarati, editors, Proceedings of the 7th ACM Conference on Computer and Communications Security (CCS-00), pages 154-163, N.Y., Nov. 1-4 2000. ACM Press.
23. J. F. Tidswell and T. Jaeger. Integrated constraints and inheritance in DTAC. In Proceedings of the 5th ACM Workshop on Role-Based Access Control (RBAC-00), pages 93-102, N.Y., July 26-27 2000. ACM Press.
24. C. Wright, C. Cowan, S. Smalley, J. Morris, and G. Kroah-Hartman. Linux security modules: General security support for the linux kernel. In Proceedings of the 11th Usenix Security Symposium, San Francisco, Ca., Aug. 2002.