Title :
Conceptualizing and Generalizing Access Control
Author :
Al-Fedaghi, Sabah S.
Author_Institution :
Comput. Eng. Dept., Kuwait Univ., Safat, Kuwait
Abstract :
Access control models traditionally have been used to indicate which subjects have access to which objects. This paper conceptualizes access control in terms of information flow. A fundamental concept in this flow is that objects are "things that flow", i.e., that are received, processed, created, released, and transferred. The resulting diagrammatic description specifies the stream of flow between subjects and the system. Accordingly, security policies and constraints can be declared to control the flow in the stream. The paper gives an illustration of this flow-based description and provides examples from the security field that generalize the known access control methods.
Keywords :
authorisation; access control models; flow-based description; security field; Access control; Application software; Business communication; Communication system security; Hospitals; Information security; Information systems; Manufacturing; Production facilities; Solids;
Conference_Titel :
Information Science and Applications (ICISA), 2010 International Conference on
Conference_Location :
Seoul
Print_ISBN :
978-1-4244-5941-4
Electronic_ISBN :
978-1-4244-5943-8
DOI :
10.1109/ICISA.2010.5480356
