The NTree: a two dimension partial order for protection groups

  • Authors: Ravinderpal S. Sandhu
  • Affiliations: Ohio State Univ., Columbus
  • Venue: ACM Transactions on Computer Systems (TOCS)
  • Year: 1988

Abstract

The benefits of providing access control with groups of users rather than with individuals as the unit of granularity are well known. These benefits are enhanced if the groups are organized in a subgroup partial order. A class of such partial orders, called ntrees, is defined by using a forest of rooted trees or inverted rooted trees as basic partial orders and combining these by refinement. Refinement explodes an existing group into a partially ordered ntree of new groups while maintaining the same relationship between each new group and the nonexploded groups that the exploded group had. Examples are discussed to show the practical significance of ntrees and the refinement operation. It is shown that ntrees can be represented by assigning a pair of integers called lr-values to each group so that g is a subgroup of h if and only if l[g] ≤ l[h] and r[g] ≤ r[h]. Refinement allows a complex ntree to be developed incrementally in a top-down manner and is useful for the initial definition of an ntree as well as for subsequent modifications. To make the latter use of refinement practical, a method is presented for assigning lr-values to the new groups introduced by refinement so lr-values assigned to nonexploded groups need not be changed. It is also shown how to guarantee that the lr-values of the exploded group will get assigned to one of the new groups.