An integrated model for access control and information flow requirements

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 4846 LNCS, Issue , 2007, Pages 111-125

  Ayed, Samiha ^a   Cuppens Boulahia, Nora ^a   Cuppens, Frédéric ^a  

^a ECOLE DES MINES DE NANTES   (France)

Author keywords

DTE; MLS; OrBAC; RBAC; Security policy

Indexed keywords

DATA FLOW ANALYSIS; FUNCTION EVALUATION; MAPPING; MATHEMATICAL MODELS;

INFORMATION FLOWS; REFERENCE MODEL;

ACCESS CONTROL;

EID: 38349054601     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-540-76929-3_12     Document Type: Conference Paper

References (26)

1. Sandhu, R.S.: Lattice-Based Access Control Models. IEEE Computer 26(11), 9-19 (1993)
2. Nyanchama, M., Osborn, S.: Information Flow Analysis in Role-Based Security Systems. In: Proc. ICCI 1994. International Conference on Computing and Information, pp. 1368-1384 (1994)
3. Nyanchama, M., Osborn, S.: Modeling Mandatory Access Control in Role-Based Security Systems. In: IFIP Workshop on Database Security (1996)
4. Sandhu, R.: Role Hierarchies and Constraints for Lattice-Based Access Controls. In: Proc. Fourth European Symposium on Research in Computer Security, Rome, Italy (1996)
5. Osborn, S.: Mandatory Access Control and Role-Based Access Control Revisited. In: Proceedings of the second ACM workshop on Role-based access control, Fairfax, Virginia, United States, pp. 31-40 (1997)
6. Kuhn, D.R.: Role Based Access control on MLS Systems without Kernel changes. In: Proceedings of the third ACM Workshop on Role-Based Access Control, Fairfax, Virginia, United States, pp. 25-32 (1998)
7. Osborn, S., Sandhu, R., Munawer, Q.: Configuring Role-Based Access Control to Enforce Mandatory and Discretionary Access control Policies. ACM Transactions on Information and System Security 3(2), 85-106 (2000)
8. Demurjian, S.: Implementation of Mandatory Access control in Role-Based Security System. CSE367 Final Project report (2001)
9. Myers, A.C., Sabelfeld, A., Zdancewic, S.: Enforcing robust declassification. In: Proc. IEEE Computer Security Foundations Workshop, pp. 172-186 (June 2004)
10. Sandhu, R., Munawer, Q.: How to do discretionary access control using roles. In: Proc. of the 3rd ACM Workshop on Role Based Access Control (RBAC 1998), Fairfax, VA, USA (1998)
11. Atluri, V., Huang, W.-K.: Enforcing Mandatory and Discretionary security in Workflow Management Systems. Journal of Computer Security 5(4), 303-339 (1997)
12. Atluri, V., Huang, W.-K., Bertino, E.: A semantic Based Execution Model for Multilevel Secure Workflows. Journal of Computer Security 8(1) (2000)
13. Liu, L.: On secure Flow Analysis in Computer systems. In: Proc. IEEE Symposium on Research in Security and Privacy, pp. 22-33 (1980)
14. Milien, J.K.: Information Flow Analysis of Formal Specifications. In: Proc. IEEE Symposium on Research in Security and Privacy, pp. 3-8 (1981)
15. Badger, L., Sterne, D.F., Sherman, D.L., Walker, K.M., Haghighat, S.A.: Practical Domain and Type Enforcement for Unix. In: IEEE Symposium on Security and Privacy, Oakland, CA, USA (1995)
16. Tidswell, J., Potter, J.: Domain and Type Enforcement in a μ-Kemel. In: Proceedings of the 20th Australasian Computer Science Conference, Sydney, Australia (1997)
17. Kiszka, J., Wagner, B.: Domain and Type Enforcement for Real-Time Operating Systems. In: Proceedings ETFA 2003, Emerging Technologies and Factory Automation (2003)
18. Abou El Kalam, A., El Baida, R., Balbiani, P., Benferhat, S., Cuppens, F., Deswarte, Y., Miége, A., Saurel, C., Trouessin, G.: Organization Based Access Control. In: IEEE 4th International Workshop on Policies for Distributed Systems and Networks, Lake Come, Italy (2003)
19. Cuppens, F., Cuppens-Boulahia, N., Sans, T., Miége, A.: A formal approach to specify and deploy a network security policy. In: Second Workshop on Formal Aspects in Security and Trust (FAST), Toulouse, France (2004)
20. Cuppens, F., Cuppens-Boulahia, N., Miége, A.: Inheritance hierarchies in the OrBAC model and application in a network environment. In: Second Foundations of Computer Security Workshop (FCS 2004), Turku, Finlande (2004)
21. Cuppens, F., Miége, A.: Modelling contexts in the Or-BAC model. In: 19th Annual Computer Security Applications Conference, Las Vegas (2003)
22. Boebert, W.E., Kain, R.Y.: A further Note on the Confinment Problem. In: Proceedings of the IEEE 1996 International Carnahan Conference on Security Technology, IEEE Computer Society, New York (1996)
23. Boebert, W.E., Kain, R.Y., Young, W.D.: The extended Access Matrix Model of Computer Security. ACM Sigsoft Software Engineering Notes 10(4) (1985)
24. Hallyn, S., Kearns, P.: Tools to Administer Domain and Type Enforcement. LISA XV. San Diego, CA (2001)
25. Oostendorp, K.A., Badger, L., Vance, C.D., Morrison, W.G., Petkac, M.J., Sherman, D.L., Sterne, D.F.: Domain and Type Enforcement Firewalls. In: Proceedings of the Thirteenth Annual Computer Security Applications Conference, San Diego, California, pp. 122-132 (1997)
26. Walker, K.M., Sterne, D.F., Lee Badger, M., Petkac, M.J., Shermann, D.L., Oostendorp, K.A.: Confining Root Programs with Domain and Type Enforcement (DTE). In: Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography, San Jose, California, vol. 6 (1996)