On Mutual Support of Modern and Traditional Access Control Models with UCON and BLP as Case Study

Access control is essential to computer security, especially in an open, distributed, networked communication environment. Modern access control model such as UCON aims at accommodating general requirements. Traditional one such as BLP focuses on specific properties, e.g. confidentiality. Both of these two realms have their limitations. Taking UCON and BLP as case study, this paper explores mutual support of modern and traditional access control models. It investigates BLP´s adaptable characteristic in the UCON perspective. First, it constructs properties in the UCON language to manifest the BLP adaptability, which shows that the BLP adaptability can be ensured to function correctly by the UCON framework. Further, it proposes a formal specification for the BLP adaptability under the UCON framework with the Temporal Logic of Actions, which demonstrates that the BLP adaptability is in good consistency with the UCON model. The significance of the paper is twofold. On the one hand, it exhibits that adaptable quality of the traditional BLP model may be ensured theoretically by the philosophy of modern access control. On the other hand, it enriches the real sense of modern access control models by strengthening the power of traditional access control models.