Separating access control policy, enforcement, and functionality in extensible systems
ACM Transactions on Computer Systems (TOCS)
Flexible support for multiple access control policies
ACM Transactions on Database Systems (TODS)
Policy Based Access Control in Dynamic Grid-based Collaborative Environment
CTS '06 Proceedings of the International Symposium on Collaborative Technologies and Systems
Hi-index | 0.00 |
Currently, most security models focus on different control objects or restrict conditions, and this method loses generality. One example is RBAC, which only controls access behavior. It is the specialty that restrains model from being used widely. RBAC can only be used in application related to access control. Why do we not take general behavior as control object? Policy-based security technology can manage behavior uniformly. If we can use the general behavior as control object, and combine with policy-based technology, great progress will be got. This paper proposes a Policy-based Behavior Control model (PBBC). PBBC controls system with general behavior. And the property of the behavior is described with variable. Hence the restriction of the behavior is also general and more comprehensive than the exiting models. Furthermore, based on policy, PBBC separates application logic, control logic and security policy from each other, which makes it more flexible and is easy to be realized. In this paper, we provide the description of PBBC and its design method. An application sample of PBBC is also provided.