Title :
Research on multi-policy supporting access control model
Author :
Jing, Wang ; Lian-xing, Jia ; Zhi, Lin
Author_Institution :
Dept. of Comput. & Inf., Wuhan Polytech. Univ., Wuhan, China
Abstract :
Multi-policy supporting is a security mechanism which can control security system´s action based on more than one policy. This mechanism can enhance the security of system greatly. The exiting typical access control models, such as MAC, DAC, RBAC, are not multi-policy supporting. This paper provides a multi-policy supporting access control model (MPSAC). Because of the complexity of applying multiple policies in MPSAC, we not only define the model´s session and policy, but also illustrate session´s logic relationship, policy conflict, policy decision rules and the implementation method. Different from the exiting access models, a comprehensive description mechanism in MPSAC is proposed to depict the session´s property, and a systemic description and management method are proposed for policy. In order to enforce the policy effectively and improve the model´s flexibility, a new framework for MPSAC is provided, which separates application logic, security control logic and security policy from each other. The application of MPSAC is provided in a hospital information system.
Keywords :
authorisation; computational complexity; formal logic; medical information systems; application logic; comprehensive description mechanism; hospital information system; model session; multipolicy supporting access control model; policy decision rule; security control logic; security mechanism; Authorization; Control systems; Information systems; Runtime; XML; access control; conflict; multi-policy supporting; policy; session;
Conference_Titel :
Performance Evaluation of Computer & Telecommunication Systems (SPECTS), 2011 International Symposium on
Conference_Location :
The Hague
Print_ISBN :
978-1-4577-0139-9
Electronic_ISBN :
978-1-61782-309-1
