Title :
Revocations - A classification
Author :
Hagstrom, Asa ; Jajodia, S. ; Parisi-Presicce, Francesco ; Wijesekera, D.
Author_Institution :
Center for Secure Info. Systems, George Mason Univ., Fairfax, VA, USA
Abstract :
In an ownership-based framework for access control, with the possibility of granting access and administrative rights, chains of granted accesses will form. This is a comprehensive study of the problem of revoking such rights, and on the impact different revocation schemes may have on the chains. Three main revocation characteristics are identified: the extent of the revocation to other grantees (propagation), the effect on other grants to the same grantee (dominance), and the permanence of the negation of rights (resilience). A classification is devised using these three dimensions. The different schemes thus obtained are described, and compared to other models from the literature.
Keywords :
Access control; Databases; Financial management; Permission; Project management; Resilience;
Conference_Titel :
Computer Security Foundations Workshop, 2001. Proceedings. 14th IEEE
Conference_Location :
Cape Breton, Novia Scotia, Canada
Print_ISBN :
0-7695-1147-3
DOI :
10.1109/CSFW.2001.930135
