14 citations found.
R.S. Sandhu and P. Samarati. Access Control: Principles and Practice. IEEE Communications Magazine, 32(9):40--48, 1994.


This paper is cited in the following contexts:
A Privacy Policy Model for Enterprises - Karjoth, Schunter (2002)   (1 citation)  (Correct)

....increases the risk of exposing private and sensitive information to outsiders. Access control constrains what a (legitimate) user can do directly, as well as what programs executing on behalf of the users are allowed to do, in order to prevent activities that could lead to a breach of security [13]. The access control decisions are based on an access control policy defined by the security administrator of the system. Classical policies define which subjects (e.g. users or roles) can access which objects (e.g. files, applications) in which mode (e.g. read, write, execute) Privacy ....

R. Sandhu and P. Samarati. Access control: Principles and practice. IEEE Communications MAGAZINE, 32(9):40--48, 1994.


Meta-Policies for Distributed Role-Based Access Control.. - Belokosztolszki, Moody (2002)   (4 citations)  (Correct)

....systems are to protect resources from unauthorized access and to ensure access to those resources for authorized users. There are a number of models of access control which aim to achieve this goal. Traditional models include discretionary access control (DAC) and mandatory access control (MAC) [19]. A promising alternative to these models is role based access control (RBAC) [5, 6, 13, 16] which allows the specification of access control policy in a way that maps naturally to an organization's structure. This approach brings advantages such as easier understanding of access control policies ....

R. S. Sandhu and P. Samarati. Access control: Principles and practice. IEEE Communications Magazine, 32(9):40-- 48, 1994.


Integrating Smart Cards into Kerberos - Gaskell   (Correct)

....been devised that attempt to improve upon the efficiency of the DAC model. Some of these schemes attempt to group individuals together or to place a level of indirection between the individual (the subject) and the object. Role Based Access Control (RBAC) is one of the most promising approaches [95, 87]. While an RBAC system grants access based on the possession of privileges, the possession of privileges is only granted after the successful authentication of the subject (user) 1.2.2 Approaches to Authentication There are three main approaches to user authentication [60] These are based upon ....

....an authorisation 9 Secure European System for Applications in a Multivendor Environment. 2.5. Extensions to Standard Kerberos 23 service is Role Based Access Control (RBAC) RBAC closely matches the access controls historically used by organisations whether within or outside of an IT system [95]. Though RBAC is a very promising development in the field of access control, the main point is to identify that SESAME supports both authentication and authorisation, whereas Kerberos is purely an authentication system [63, 102] Another concept introduced in SESAME is the possible use of different ....

R S Sandhu and P Samarati. Access Control: Principles and Practice. IEEE Communication Magazine, pages 40-48, September 1994.


2K: A Distributed Operating System for Dynamic.. - Kon, Campbell.. (2000)   (Correct)

....reconfiguration of the Security Service, facilitating the adoption of situation specific policies and mechanisms for authentication and encryption. The implementation currently supports various access control models including Discretionary Access Control (DAC) and Mandatory Access Control (MAC) [24]. We are now extending it to support Role Based Access Control (RBAC) [22] which will be the basis for security in large scale 2K environments. The possibilities for dynamically configuring the security subsystem that 2K provides are very useful for a wide range of applications in several ....

R. S. Sandu and P. Samarati. Access Control: Principles and Practice. IEEE Communications Magazine, 32(9):40-- 48, Sept. 1994.


Personalized Interactive Medical Libraries - Ri Es   (Correct)

....access control. Working with The Analytical Sciences Corporation (TASC) Miriam Hospital and the Institute will soon begin a development program on confidentiality and access control for medical networking. Traditional access control policies such as classical discretionary or mandatory policies [49, 52] are not a good match for the needs of a medical environment. Patient confidentiality must be assured, but this is not necessarily synonymous with security. Access to patient information is related more closely to the activities a user might have in the system, and are most closely related to ....

Ravi S. Sandhu and Pierangela Samarati. Access control: Principles and practice. IEEE Communications Magazine, 32(9), September 1994.


Security In Databases: A Survey Study - Baraani-Dastjerdi, Pieprzyk.. (1996)   (3 citations)  (Correct)

.... [115] discusses an automated separation of duties with the use of roles and transactions control expressions (TCE) For detailed discussion of definition of RBAC, different possible approaches for role organization, and different proposed solution for separation duties the reader is directed to [5, 24, 48, 50, 49, 54, 67, 99, 100, 106, 115, 118, 120, 121, 124, 131, 132, 139, 140] 11 Implementation Strategies The 1982 Air Force Summer Study [26] suggested two architectures for building secure multilevel database management systems (DBMS) Trusted Subject Architecture and Woods Hole architectures. The Woods Hole architectures are the Kernelized, the Replicated ....

Ravi S. Sandhu and P. Samarati. Access Control: Principles and Practice. IEEE Communications Magazine, 9:40--48, September 1994.


Tableau Methods for Formal Verification of Multi-Agent.. - Massacci (1998)   (1 citation)  (Correct)

....and operations are at stake. Key security concerns such as privacy, confidentiality and integrity may impose severe limitations on what an agent should be allowed to do. Thus, access control plays a key role in the verification multi agent distributed systems (see the review of Sandhu Samarati [34] for an introduction) Its main 1 Formal (logical) analysis and verification are also required by the U.S. government [10] and the E.U. Commission [11] for systems to be legally labelled as trusted . purpose is to restrain the actions which legitimate or malicious agents may perform, either ....

....along the columns and privileges in the cells. Then checking what a subjects can do is just a table look up 2 . 2 This may be technically complicated by the fact that the matrix is usually represented in compact form by lists along rows (capabilities) or along columns (access control lists) [34]. The problem becomes more complicated if we admit operations over such a matrix and are interested in transition analysis [22, 33] In other words, we study the evolution of the system and its safety properties: given some privileges and some operations to change them, prove that the system ....

[Article contains additional citation context not shown here]

R. Sandhu and P. Samarati. Access control: Principles and practice. IEEE Communications Magazine, pages 40--48, September 1994.


Reasoning about Security: a Logic and a Decision Method for.. - Massacci (1997)   (4 citations)  (Correct)

....decision method based on analytic tableaux is also given. Analytic tableaux make it possible to reason about logical consequence, model generation and consistency of a formalised role based security policy. 1 Introduction Access control is a key issue for the security of distributed systems (see [28] for an introduction) and plays an important role in the security policies of many organisations such as the military [4] banking [7] or health services [2] Recently, new formal models for access control have emerged besides the traditional access matrix [21] for the design of more sophisticated ....

....the hierarchy top secret TS, secret S, classified C and unclassified U . The users are Alice with TS privileges, Bob with S and Charlie who has none. The system received a message and some delegation certificates (Fig. 5) Should read(file)distrib(file) be granted with a write up policy [28] In other terms is read(file) distrib(file) a logical consequence of the RBAC in Fig. 5 Even in this simple case is not easy to see that it is not . Hence the need of a decision method. 5 A Decision Method Based on Tableaux Prefixed tableaux use prefixed requests, i.e.pairs hoe : i where ....

R. Sandhu and P. Samarati. Access control: Principles and practice. IEEE Communications Magazine, pp. 40--48, September 1994.


Tableaux Methods for Access Control in Distributed Systems - Massacci (1997)   (1 citation)  (Correct)

....axiom schemas, and has some features of the universal modality. As a side effect we show a tableaux calculus for the universal modality which distinguishes it from S5 (via satisfiability on non tree models) 1 Introduction Access control is a key issue for the security of computer systems (see [25] for an introduction) Its main purpose is to restrain the actions which legitimate (or malicious) users may perform, either directly or indirectly (through their programs) Its need arises in any system with multiple users and sensitive information or shared resources such as the military [4] ....

....possibly negated) For instance the formalisation in Fig. 2 is left, right and request restricted. In practice statements are right and request restricted. If ) is used for hierarchies and group and role membership, as in Fig. 1, the rightmost principal is atomic. Moreover, in almost all systems [25], privileges attributions are represented by ACL (Access Control Lists) In the DEC SRC language, an ACL for a request r is simply the conjunctions of statements $\bigwedge_i P_i \ \mathrm{controls}\ r$, where r is uninterpreted [19, 23] If we add, among the possible privileges, the possibility to hand over ....

R. Sandhu and P. Samarati. Access control: Principles and practice. IEEE Communications Magazine, pp. 40--48, September 1994.


Engineering Access Control in Distributed Applications - Beznosov, Deng   Self-citation (Control)   (Correct)

....controls. Making all these controls to work in concert and consistently enforce enterprise wide access control policies is a daunting task, when there are hundreds of application and supporting systems (e.g. operating systems) The second problem is that traditional access control mechanisms [61] provide limited capabilities for handling complex policies and authorization decisions that are based on factors specific to an application domain. The complexity of access control policies in some application areas, e.g. health care, requires exercising access control policies that are more ....

R. Sandhu and P. Samarati, Access Control: Principles and Practice, IEEE Communications Magazine, vol. 32(9), pp. 40-48, 1994.


A Method for Access Authorisation through Delegation Networks - Jøsang, Gollmann, Au   (Correct)

No context found.

R.S. Sandhu and P. Samarati. Access Control: Principles and Practice. IEEE Communications Magazine, 32(9):40--48, 1994.


A Method for Access Authorisation through Delegation Networks - Jøsang, Gollmann, Au (2005)   (Correct)

No context found.

R.S. Sandhu and P. Samarati. Access Control: Principles and Practice. IEEE Communications Magazine, 32(9):40--48, 1994.


Security Policy Reconciliation in Distributed Computing.. - Wang, Jha, Livny.. (2004)   (Correct)

No context found.

R. S. Sandhu and P. Samarati. Access Control: Principles and Practice. IEEE Communications Magazine, 32(9):40-- 48, 1994.


Conflict Detection and Resolution in Access Control.. - Koch, Mancini.. (2002)   (Correct)

No context found.

R.S. Sandhu and P. Samarati. Access Control: Principles and Practice. IEEE Communication Magazine, pages 40-48, 1994.


CiteSeer.IST - Copyright Penn State and NEC