CLASSIC: a structural data model for objects
SIGMOD '89 Proceedings of the 1989 ACM SIGMOD international conference on Management of data
Time-dependent concepts: representation and reasoning using temporal description logics
Data & Knowledge Engineering
Flexible team-based access control using contexts
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Context sensitivity in role-based access control
ACM SIGOPS Operating Systems Review
A survey of temporal extensions of description logics
Annals of Mathematics and Artificial Intelligence
Lattice-Based Access Control Models
Computer
Temporal ER Modeling with Description Logics
ER '99 Proceedings of the 18th International Conference on Conceptual Modeling
A Model for Attribute-Based User-Role Assignment
ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
Organization based access control
POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
Modelling Contexts in the Or-BAC Model
ACSAC '03 Proceedings of the 19th Annual Computer Security Applications Conference
The Description Logic Handbook
The Description Logic Handbook
A dynamic access control model
Applied Intelligence
Hi-index | 0.00 |
This paper present a dynamic multilevel access control model based on description logic with default and exception to capture the context feature. To define a security policy independently of the implementation, our access control model is structured in two levels: a concrete level and an abstract level. Subject and object are respectively abstracted into role and view. The level is assigned to role instead of subject and to the view instead of object. All subjects who play same role have the same level of clearance and all objects that belong to the same view have the same classification level. A subject is authorised to access to the object if its clearance level is greater than or equal to the classification level of object in a given context. The context allows us to provide dynamic authorisation, to each context switch, new authorisations are deduced. Our model allows the representation of composed contexts, the addition of new context and exception to the current context.