Title :
Extending the creation operation in the Schematic Protection Model
Author :
Ammann, P.E. ; Sandhu, R.S.
Author_Institution :
Dept. of Inf. Syst. & Syst. Eng., George Mason Univ., Fairfax, VA, USA
Abstract :
Protection models provide a formalism for specifying control over access to information and other resources in a multi-user computer system. Useful protection models must balance expressive power with the complexity of safety analysis i.e. the determination of whether or not a given subject can ever acquire access to a given resource. The authors argue that, in terms of expressive power, a joint creation operation is a natural candidate for inclusion in an access control model, particularly in the context of integrity considerations. They extend the Schematic Protection Model (SPM) to allow for groups of subjects to jointly create other subjects and objects. They discuss the safety properties of ESPM. Despite the increase in expressive power, ESPM retains tractable safety analysis for many cases of practical interest
Keywords :
data handling; multi-access systems; security of data; ESPM; Schematic Protection Model; access control model; multi-user computer system; safety analysis; Access control; Context modeling; Drives; Information systems; Power engineering and energy; Power system modeling; Power system protection; Safety; Scanning probe microscopy; Systems engineering and theory;
Conference_Titel :
Computer Security Applications Conference, 1990., Proceedings of the Sixth Annual
Conference_Location :
Tucson, AZ
Print_ISBN :
0-8186-2105-2
DOI :
10.1109/CSAC.1990.143796
