Flexible team-based access control using contexts
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Context sensitivity in role-based access control
ACM SIGOPS Operating Systems Review
Lattice-Based Access Control Models
Computer
A Model for Attribute-Based User-Role Assignment
ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
Managing Context Information in Mobile Devices
IEEE Pervasive Computing
Human-Computer Interaction
Hi-index | 0.00 |
Mandatory access control models have traditionally been employed as a robust security mechanism in multilevel security environments like military domains. In traditional mandatory models, the security classes associated with entities are context-insensitive. However, context-sensitivity of security classes may be required in some environments. Moreover, as computing technology becomes more pervasive, flexible access control mechanisms are needed. Unlike traditional approaches for access control, such access decisions depend on the combination of the required credentials of users and the context of the system. Incorporating context-awareness into mandatory access control models results in a model appropriate for handling such context-aware policies and context- sensitive class association mostly needed in multilevel security environments. In this paper, we introduce a context-aware mandatory access control model (CAMAC) capable of dynamic adaptation of access control policies to the context, and handling context-sensitive class association, in addition to preservation of confidentiality and integrity. One of the most significant characteristics of the model is its high expressiveness which allows us to express various mandatory access control models such as Bell-LaPadula, Biba, Dion, and Chinese Wall with it.