Modelling contexts in the Or-BAC model

Proceedings - Annual Computer Security Applications Conference, ACSAC

Volumn 2003-January, Issue , 2003, Pages 416-425

  Cuppens, Frédéric ^a   Miège, Alexandre ^b  

^a ECOLE DES MINES DE NANTES   (France)

^b TELECOM PARISTECH   (France)

Author keywords

[No Author keywords available]

Indexed keywords

ACCESS CONTROL; SECURITY OF DATA; SECURITY SYSTEMS;

COMPUTER INFRASTRUCTURE; SECURITY MODEL;

INFORMATION MANAGEMENT;

EID: 84944754330     PISSN: 10639527     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/CSAC.2003.1254346     Document Type: Conference Paper

References (22)

1. Gail-Joon Ahn and Ravi Sandhu. Role-based Authorization Constraints Specification. ACMTransactions on Information and Systems Security, 3(4), 2000.
2. Gail-Joon Ahn and Michael. E. Shin. Role-based Authorization Constraints Specification Using Object Constraint Language. In Proceedings of the 10th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE 2001), Massachusetts, USA, 2001.
3. D. E. Bell and L. J. La Padula. Secure Computer Systems: Unified Exposition and Multics Interpretation. Technical Report ESD-TR-75-306, MTR-2997, Rev. 1, MITRE Corporation, Bedfort, MA, March 1976.
4. E. Bertino, P. A. Bonatti, and E. Ferrari. A Temporal rolebased access control access model. ACM transactions on information and System Security, 2001.
5. D. G. Cholewka, R. A. Botha, and J. H. P. Eloff. A Contextsensitive Access Control Model and Prototype Implementation. In IFIP TC 11 16th Annual Working Conference on Information Security, Beijing, China, August 2000.
6. M. J. Covington, W. Long, S. Srinivasan, A. Dey, M. Ahamad, and G. Abowd. Securing context-aware applications using environment roles. In Proceedings of the 6th ACM Symposium on Access Control Models and Technologies (SACMAT 2001), Chantilly, Virginia, USA, May 2001.
7. M. J. Covington, M. J. Moyer, and M. Ahamad. Generalized role-based access control for securing future applications. In Proceedings of the 23rd National Information Systems Security Conference, (NISSC), Baltimore, MD, USA, October 2000.
8. N. Damianou, N. Dulay, E. Lupu, and M. Sloman. The Ponder Policy Specification Language. In International Workshop, Policies for Distributed Systems and Neworks (Policy 2001), Bristol, UK, January 2001.
9. S. Fischer-Hbner and A. Ott. From a Formal Privacy Model to its Implementation. In Proceedings of the 21st National Information Systems Security Conference, 1998.
10. C. Georgiadis, I. Mavridis, and G. Pangalos. Context and Role Based Hybrid Access Control for Collaborative Environments. In Proceedings of the Fifth Nordic Workshop on Secure IT Systems - Encouraging Co-operation (NORDSEC 2000), Reykjavik, Iceland, October 2000.
11. Christos K. Georgiadis, Ioannis Mavridis, George Pangalos, and Roshan K. Thomas. Flexible team-based access control using contexts. In Proceedings of the 6th ACM Symposium on Access Control Models and Technologies (SACMAT 2001), Chantilly, Virginia, USA, May 2001.
12. Joseph Halpern and Vicky Weissman. Using First-Order Logic to Reason about Policies. In Proceedings of the 16th IEEE Computer Security Foundations Workshop (CSFW'03), 2003.
13. M. Harrison, W. Ruzzo, and J. Ullman. Protection in operating systems. CACM, 19(8):461-471, August 1976.
14. R. Holbein, O. Morger, U. Nitsche, and S. Teufel. Realization of a Context-Dependent Access Control Mechanism on a Commercial Platform. In IFIP 14th International Conference on Information Security (IFIP/Sec'98), Vienna-Budapest, Austria-Hungary, August 31 - September 4 1998.
15. S. Jajodia, M. Kudo, and V.S. Subrahmanian. Provisional Authorizations. In editor A. Ghosh, editor, E-commerce Security and Privacy, pages 133-159. Kluwer Academic Publishers, 2001.
16. S. Jajodia, P. Samarati, and V. S. Subrahmanian. A Logical Language for Expressing Authorizations. In Proceedings of IEEE Symposium on Security and Privacy, pages 31-42, Oakland, California, USA, 1997.
17. A. Abou El Kalam, R. El Baida, P. Balbiani, S. Benferhat, F. Cuppens, Y. Deswarte, A. Mìege, C. Saurel, and G. Trouessin. Organization Based Access Control. In Proceedings of IEEE 4th International Workshop on Policies for Distributed Systems and Networks (POLICY 2003), Lake Como, Italy, June 2003.
18. M. Kudo and S. Hada. XML Document Security based on Provisional Authorization. In Proceedings of the 7th ACM Conference on Computer and Communication Security (CCS 2000), Athens, Greece, 2000.
19. Markus G. Kuhn. Optical Time-Domain Eavesdropping Risks of CRT Displays. In Proceedings of the 2002 IEEE Symposium on Security and Privacy, Oakland, California, USA, 2002.
20. Patrick McDaniel. On Context in Authorization Policy. In Proceedings of the 8th ACM Sympoisum On Access Control Models and Technologies (SACMAT 2003), Como, Italy, June 2003.
21. R. S. Sandhu, E. J. Coyne, H. L. Feinstein, and C. E. Youman. Role-Based Access Control Models. IEEE Computer, 29(2):38-47, February 1996.
22. Roshan K. Thomas. TMAC: A primitive for Applying RBAC in collaborative environment. In 2nd ACM, Workshop on RBAC, pages 13-19, Fair Fax, Virginia, USA, 1997.