Role-Based Access Control Models
Computer
Security in computing
Determining the availability of distributed applications
Proceedings of the fifth IFIP/IEEE international symposium on Integrated network management V : integrated management in a virtual world: integrated management in a virtual world
Using a classification of management policies for policy specification and policy transformation
Proceedings of the fourth international symposium on Integrated network management IV
The Unified Modeling Language user guide
The Unified Modeling Language user guide
A role-based access control model and reference implementation within a corporate intranet
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
A reference model for firewall technology
ACSAC '97 Proceedings of the 13th Annual Computer Security Applications Conference
Design and Implementation of Virtual Private Services
WETICE '03 Proceedings of the Twelfth International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises
A decision support system based on GIS for grain logistics vehicle routing problem
ICIC'10 Proceedings of the 6th international conference on Advanced intelligent computing theories and applications: intelligent computing
On scalability and modularisation in the modelling of network security systems
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
| Hi-index | 0.00 |
The design of suitable packet-filters protecting subnets against network-based attacks is usually difficult and error-prone. Therefore, tool-assistance shall facilitate the design task and shall contribute to the correctness of the filters, i.e., the filters should be consistent with the other security mechanisms of the computer network, in particular with its access control schemes. Moreover, they should just enable the corresponding necessary traffic. Our tool approach applies a three-layered model describing the access control and network topology aspects of the system on three levels of abstraction. Each lower layer refines its upper neighbour and is accompanied with access control models. At the top level, role based access control is applied. The lowest level specifies packet filter configurations which can be implemented by means of the Linux kernel extension IPchains. The derivation of filter configurations is substantially supported by tool assistance in the course of an interactive design process.