Role-Based Access Control Models
Computer
A unified framework for enforcing multiple access control policies
SIGMOD '97 Proceedings of the 1997 ACM SIGMOD international conference on Management of data
Comparing simple role based access control models and access control lists
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Lattice-Based Access Control Models
Computer
An Authorization Model for Workflows
ESORICS '96 Proceedings of the 4th European Symposium on Research in Computer Security: Computer Security
Security Policy Coordination for Heterogeneous Information Systems
ACSAC '99 Proceedings of the 15th Annual Computer Security Applications Conference
Separation of Duty in Role-based Environments
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
A Logical Language for Expressing Authorizations
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Hi-index | 0.00 |
Many different access control policies and models have been developed to suit a variety of goals; these include Role-Based Access Control, One-directional Information Flow, Chinese Wall, Clark-Wilson, N-person Control, and DAC, in addition to more informal ad hoc policies. While each of these policies has a particular area of strength, the notational differences between these policies are substantial. As a result it is difficult to combine them, both in making formal statements about systems which are based on differing models and in using more than one access control policy model within a given system. Thus, there is a need for a unifying formalism which is general enough to encompass a range of these policies and models. In this paper, we propose an open security architecture called the Policy Machine (PM) that would meet this need. We also provide examples showing how the PM specifies and enforces access control polices.