An auto-delegation mechanism for access control systems

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 6710 LNCS, Issue , 2011, Pages 1-16

  Crampton, Jason ^a   Morisset, Charles ^a  

^a UNIVERSITY OF LONDON   (United Kingdom)

Author keywords

[No Author keywords available]

Indexed keywords

ACCESS CONTROL MECHANISM; AUTHORIZATION DECISION; AUTHORIZED USERS; DELEGATION MECHANISMS; END-USERS; MANUAL PROCESS;

CONTROL SYSTEMS; SECURITY SYSTEMS;

ACCESS CONTROL;

EID: 80054080165     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-642-22444-7_1     Document Type: Conference Paper

References (27)

1. Ardagna, C.A., De Capitani di Vimercati, S., Grandison, T., Jajodia, S., Samarati, P.: Regulating exceptions in healthcare using policy spaces. In: Atluri, V. (ed.) DAS 2008. LNCS, vol. 5094, pp. 254-267. Springer, Heidelberg (2008)
2. Blaze, M.: A cryptographic file system for UNIX. In: 1st ACM Conference on Computer and Communications Security, pp. 9-16 (1993)
3. Brewer, D.F.C., Nash, M.J.: The Chinese Wall Security Policy. In: Proceedings of the IEEE Symposium on Security and Privacy, pp. 329-339 (May 1989)
4. Brucker, A.D., Petritsch, H.: Extending access control models with break-glass. In: SACMAT 2009: Proceedings of the 14th ACM symposium on Access control models and technologies, pp. 197-206. ACM, New York (2009)
5. Brucker, A.D., Petritsch, H., Schaad, A.: Delegation assistance. In: IEEE International Workshop on Policies for Distributed Systems and Networks, pp. 84-91 (2009)
6. Chander, A., Mitchell, J.C., Dean, D.: A state-transition model of trust management and access control. In: Proceedings of the 14th IEEE Computer Security Foundations Workshop, pp. 27-43. IEEE Computer Society Press, Los Alamitos (2001)
7. Crampton, J.: Applying hierarchical and role-based access control to XML documents. In: Proceedings of 2004 ACM Workshop on Secure Web Services, pp. 41-50 (2004)
8. Crampton, J.: A reference monitor for workflow systems with constrained task execution. In: Proceedings of the 10th ACM Symposium on Access Control Models and Technologies, pp. 38-47 (2005)
9. Crampton, J., Martin, K.M., Wild, P.: On key assignment for hierarchical access control. In: Proceedings of 19th Computer Security Foundations Workshop, pp. 98-111 (2006)
10. De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Encryption policies for regulating access to outsourced data. ACM Transactions on Database Systems 35(2) (2010)
11. Denning, D.E.: A Lattice Model of Secure Information Flow. Communications of the ACM 19(5), 236-243 (1976)
12. Ferraiolo, D.F., Kuhn, D.R.: Role-based access control. In: Proceedings of the 15th National Computer Security Conference, pp. 554-563 (1992)
13. Giuri, L., Iglio, P.: Role templates for content-based access control. In: Proceedings of Second ACM Workshop on Role-Based Access Control, pp. 153-159 (1997)
14. Habib, L., Jaume, M., Morisset, C.: Formal definition and comparison of access control models. Journal of Information Assurance and Security 4, 372-381 (2009)
15. Harrison, M.A., Ruzzo, W.L., Ullman, J.D.: Protection in operating systems. Communications of the ACM 19(8), 461-471 (1976)
16. Hasebe, K., Mabuchi, M., Matsushita, A.: Capability-based delegation model in RBAC. In: SACMAT 2010: Proceeding of the 15th ACM Symposium on Access Control Models and Technologies, pp. 109-118. ACM, New York (2010)
17. Abou El Kalam, A., El Baida, R., Balbiani, P., Benferhat, S., Cuppens, F., Deswarte, Y., Miège, A., Saurel, C., Trouessin, G.: Organization based access control. In: Proceedings of Policies for Distributed Systems and Networks, Como, Italy, pp. 120-131 (June 2003)
18. Kallahalla, M., Riedel, E., Swaminathan, R., Wang, Q., Fu, K.: Plutus: Scalable secure file sharing on untrusted storage. In: Proceedings of the FAST 2003 Conference on File and Storage Technologies, pp. 29-42 (2003)
19. Lampson, B.: Protection. In: Proceedings of the 5th Annual Princeton Conference on Information Sciences and Systems, pp. 437-443. Princeton University, Princeton (1971)
20. LaPadula, L.J., Bell, D.E.: Secure Computer Systems: A Mathematical Model. Journal of Computer Security 4, 239-263 (1996)
21. Mavridis, I., Pangalos, G.: eMEDAC: Role-based access control supporting discretionary and mandatory features. In: Proceedings of 13th IFIP WG 11.3 Working Conference on Database Security, pp. 63-78 (1999)
22. G. Miklau and D. Suciu. Controlling access to published data using cryptography. In Proceedings of 29th International Conference on Very Large Data Bases (VLDB 2003), pages 898-909, 2003.
23. Osborn, S.L., Sandhu, R.S., Munawer, Q.: Configuring role-based access control to enforce mandatory and discretionary access control policies. ACM Transactions on Information and System Security 3(2), 85-106 (2000)
24. Reid, J., Cheong, I., Henricksen, M., Smith, J.: A novel use of RBAC to protect privacy in distributed health care information systems. In: Proceedings of the 8th Australasian Conference on Information Security and Privacy, pp. 403-415 (2003)
25. Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models. IEEE Computer 29(2), 38-47 (1996)
26. Wainer, J., Barthelmess, P., Kumar, A.: W-RBAC - a workflow security model incorporating controlled overriding of constraints. International Journal of Cooperative Information Systems 12, 455-485 (2003)
27. Wang, Q., Li, N.: Satisfiability and resiliency in workflow systems. In: Proceedings of 12th European Symposium on Research in Computer Security, pp. 90-105 (2007)