Towards access control model engineering

Authors:
Winfried E. Kühnhauser;Anja Pölck
Affiliations:
Ilmenau University of Technology, Ilmenau, Germany;Ilmenau University of Technology, Ilmenau, Germany
Venue:
ICISS'11 Proceedings of the 7th international conference on Information Systems Security
Year:
2011

Citing 11
Cited 1

Integrating Flexible Support for Security Policies into the Linux Operating System

Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference
Protection

ACM SIGOPS Operating Systems Review
On protection in operating systems

SOSP '75 Proceedings of the fifth ACM symposium on Operating systems principles
The Typed Access Matrix Model

SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
Towards a formal model for security policies specification and validation in the selinux system

Proceedings of the ninth ACM symposium on Access control models and technologies
An attribute-based access matrix model

Proceedings of the 2005 ACM symposium on Applied computing
Towards Formal Verification of Role-Based Access Control Policies

IEEE Transactions on Dependable and Secure Computing
Protection: principles and practice

AFIPS '72 (Spring) Proceedings of the May 16-18, 1972, spring joint computer conference
The next 700 access control models or a unifying meta-model?

Proceedings of the 14th ACM symposium on Access control models and technologies
Rumpole: a flexible break-glass access control model

Proceedings of the 16th ACM symposium on Access control models and technologies
PrimAndroid: Privacy Policy Modelling and Analysis for Android Applications

POLICY '11 Proceedings of the 2011 IEEE International Symposium on Policies for Distributed Systems and Networks

Heuristic safety analysis of access control models

Proceedings of the 18th ACM symposium on Access control models and technologies

Quantified Score

Hi-index	0.00

Visualization

Abstract

Formal security models have significantly improved the understanding of access control systems. They have influenced the way access control policies are specified and analyzed, and they provide a sound foundation for a policy's implementation. While their merits are many, designing security models is not an easy task, and their use in commercial systems is still far from everyday practice. This paper argues that model engineering principles and tools supporting these principles are important steps towards model based security engineering. It proposes a model engineering approach based on the idea that access control models share a common, model-independent core that, by core specialization and core extension, can be tailored to a broad scope of domain-specific access control models.