Title :
An Organization-Structure Oriented Access Control Policy and its Formal Description
Author :
Zhao, Xiaolong ; Zhang, Yusen ; Zhu, Yingxun
Author_Institution :
Sch. of Command Autom., PLA Univ. of Sci. & Technol., Nanjing
Abstract :
According to the hierarchical characteristic of real enterprise organization, an organization-structure oriented access control (OSOAC) policy is proposed. To formally describe the policy, the concept of organization domain is introduced and then the elements of access control are redefined. Based on these elements, the core OSOAC model is formally defined. Moreover, hierarchical OSOAC model and constrained OSOAC model are drawn by extended the Core OSOAC model. Contrast to RBAC model, there are fewer roles and permission assignment relations in OSOAC model, which reduce the permission-management complexity in a large access control system.
Keywords :
authorisation; computational complexity; formal description; hierarchical characteristic; organization-structure oriented access control policy; permission-management complexity; ANSI standards; Access control; Automation; Computer networks; Control systems; Military equipment; NIST; Permission; Programmable logic arrays; Wireless communication; Access control; Constraint; Hierarchy; Organization-structure; Role instance;
Conference_Titel :
Networks Security, Wireless Communications and Trusted Computing, 2009. NSWCTC '09. International Conference on
Conference_Location :
Wuhan, Hubei
Print_ISBN :
978-1-4244-4223-2
DOI :
10.1109/NSWCTC.2009.196
