مرکز منطقه ای اطلاع رساني علوم و فناوري - On Access Checking in Capability-Based Systems

DocumentCode :

564747

Title :

On Access Checking in Capability-Based Systems

Author :

Kain, Richard Y. ; Landwehr, Carl E.

Author_Institution :

University of Minnesota

fYear :

1986

fDate :

7-9 April 1986

Firstpage :

Lastpage :

Abstract :

Public descriptions of capability-based system designs often do not clarify the necessary details concerning the propagation of access rights within the systems. A casual reader may assume that it is adequate for capabilities to be psssed in accordance with the rules for data copying. A system using such a rule cannot enforce either the military security policy or the Bell and LaPadula rules. The paper shows why this problem arises and provides a taxonomy of capability-based designs. Within the space of design options defined by the taxonomy we identify a class of designs that cannot enforce the Bell-LaPadula rules and two designs that do allow their enforcement.

Keywords :

Access control; Context; Permission; System analysis and design; Taxonomy; US Department of Defense;

fLanguage :

English

Publisher :

ieee

Conference_Titel :

Security and Privacy, 1986 IEEE Symposium on

Conference_Location :

Oakland, CA, USA

ISSN :

1540-7993

Print_ISBN :

0-8186-0716-5

Type :

conf

DOI :

10.1109/SP.1986.10001

Filename :

6234871

Link To Document :

https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=564747