Extending a capability based system into a network environment
SIGCOMM '86 Proceedings of the ACM SIGCOMM conference on Communications architectures & protocols
A secure distributed capability based system (extended abstract)
ACM '85 Proceedings of the 1985 ACM annual conference on The range of computing : mid-80's perspective: mid-80's perspective
Security Patterns: Integrating Security and Systems Engineering
Security Patterns: Integrating Security and Systems Engineering
Proceedings of the 2006 conference on Pattern languages of programs
Even more patterns for secure operating systems
Proceedings of the 2006 conference on Pattern languages of programs
Patterns for the secure and reliable execution of processes
Proceedings of the 15th Conference on Pattern Languages of Programs
CSS'12 Proceedings of the 4th international conference on Cyberspace Safety and Security
| Hi-index | 0.00 |
Distributed systems introduce a new variety of security threats. The organizations that own those systems must protect their information assets from attacks. To do this we need to start with high-level models that represent the security policies of the institution. We present patterns that derive from traditional models: first, the Policy-Based Access Control which models how to decide if a subject is authorized to access an object according to policies defined in a central policy repository. Then we present implementation-oriented patterns that implement the Access Matrix or RBAC model: The ACL pattern allows control access to objects by indicating which subjects can access an object and in what way. There is usually an ACL associated with each object. The Capability pattern allows control access to objects by providing a credential or ticket to be given to a subject for accessing an object in a specific way. Capabilities are given to the principal.