Authentication in distributed systems: theory and practice
ACM Transactions on Computer Systems (TOCS)
Lightweight shared objects in a 64-bit operating system
OOPSLA '92 conference proceedings on Object-oriented programming systems, languages, and applications
Authentication in the Taos operating system
SOSP '93 Proceedings of the fourteenth ACM symposium on Operating systems principles
Single address space or private address spaces?
EW 6 Proceedings of the 6th workshop on ACM SIGOPS European workshop: Matching operating systems to application needs
Protection in the Guide Object-Oriented Distributed System
ECOOP '94 Proceedings of the 8th European Conference on Object-Oriented Programming
Role and task-based access control in the PerDiS groupware platform
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
Single address space or private address spaces?
EW 6 Proceedings of the 6th workshop on ACM SIGOPS European workshop: Matching operating systems to application needs
Task-Role Based Access Control (T-RBAC): An Improved Access Control Model for Enterprise Environment
DEXA '00 Proceedings of the 11th International Conference on Database and Expert Systems Applications
Partial outsourcing: a new paradigm for access control
Proceedings of the eighth ACM symposium on Access control models and technologies
Task-role-based access control model
Information Systems
Task-Based access control for virtual organizations
FIDJI'04 Proceedings of the 4th international conference on Scientific Engineering of Distributed Java Applications
Hi-index | 0.00 |
Applications involving cooperation between several users are often expressed in terms of operations on shared objects. The challenge is to provide adequate access to shared objects for cooperating principals while maintaining the required level of integrity and privacy for objects. We assume an open system environment populated with distributed and potentially shareable and persistent objects. Security mechanisms should be independent of application programs, ensuring the security of data objects regardless of the programs that are used to access them. In general, we need the ability to control access at the level of each of the operations of an object.We present a security model that reflects the structure of cooperative work, enabling users' security policies and other task requirements to be translated directly into access rights for those shared objects whose protection must be guaranteed for the successful outcome of cooperative tasks. Our model is derived from a study of some cooperative tasks in the real world [5]. The model is based on notions of group tasks, organisational roles and delegation. We consider briefly the implications of our security model for operating system design in the context of a shared object system based on a distributed shared memory model [1].