We present a detailed examination of the access constraints for a small real-world Health Information System with the aim of achieving minimal access rights for each of the involved principals. We show that, even for such a relatively simple system, the resulting constraints are very complex and cannot be expressed easily or clearly using the static per-method access control lists generally supported by component-based software. We derive general requirements for the expressiveness of access constraints and propose criteria for a more suitable access control mechanism in the context of component-based systems. We describe a two-level mechanism which can fulfil these criteria.