DocumentCode
2589774
Title
Conceptualizing and Generalizing Access Control
Author
Al-Fedaghi, Sabah S.
Author_Institution
Comput. Eng. Dept., Kuwait Univ., Safat, Kuwait
fYear
2010
fDate
21-23 April 2010
Firstpage
1
Lastpage
8
Abstract
Access control models traditionally have been used to indicate which subjects have access to which objects. This paper conceptualizes access control in terms of information flow. A fundamental concept in this flow is that objects are "things that flow", i.e., that are received, processed, created, released, and transferred. The resulting diagrammatic description specifies the stream of flow between subjects and the system. Accordingly, security policies and constraints can be declared to control the flow in the stream. The paper gives an illustration of this flow-based description and provides examples from the security field that generalize the known access control methods.
Keywords
authorisation; access control models; flow-based description; security field; Access control; Application software; Business communication; Communication system security; Hospitals; Information security; Information systems; Manufacturing; Production facilities; Solids;
fLanguage
English
Publisher
ieee
Conference_Titel
Information Science and Applications (ICISA), 2010 International Conference on
Conference_Location
Seoul
Print_ISBN
978-1-4244-5941-4
Electronic_ISBN
978-1-4244-5943-8
Type
conf
DOI
10.1109/ICISA.2010.5480356
Filename
5480356
Link To Document