Title :
Modeling complex access control policies in distributed systems
Author :
Chow, Randy ; Kao, I-Lung
Author_Institution :
Dept. of Comput. & Inf. Sci. & Eng., Florida Univ., Gainesville, FL, USA
Abstract :
In a distributed environment where users and resources are dispersed, security policies often require a more complex control mechanism, for access authorization. Authorization for a subject accessing objects depends not only on its normal access rights but also on its access history and interaction with other subjects. In this paper, frequently desirable multilevel exceptions are systematically categorized and it is shown that many state-dependent security policies are actually examples of these multilevel exceptions. An effective access control model based on Boolean expressions of classified categories is proposed to enforce all the multilevel exceptions in a uniform and elegant way
Keywords :
authorisation; distributed processing; security of data; Boolean expressions; access authorization; access control model; access control policies; classified categories; distributed systems; security policies; state-dependent security; Access control; Computer security; Distributed computing; History; Information security; Lattices; Multilevel systems; Permission; Power system modeling; Power system security;
Conference_Titel :
Distributed Computing Systems, 1995., Proceedings of the Fifth IEEE Computer Society Workshop on Future Trends of
Conference_Location :
Cheju Island
Print_ISBN :
0-8186-7125-4
DOI :
10.1109/FTDCS.1995.525010
