On complexity of grammars related to the safety problem
Theoretical Computer Science
A theory for comparing the expressive power of access control models
Journal of Computer Security
A formal framework for reflective database access control policies
Proceedings of the 15th ACM conference on Computer and communications security
Safety in discretionary access control for logic-based publish-subscribe systems
Proceedings of the 14th ACM symposium on Access control models and technologies
A medical database case study for reflective database access control
Proceedings of the first ACM workshop on Security and privacy in medical and home-care systems
Multi-layer audit of access rights
SDM'07 Proceedings of the 4th VLDB conference on Secure data management
A privacy preservation model for facebook-style social network systems
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Relationship-based access control: protection model and policy language
Proceedings of the first ACM conference on Data and application security and privacy
Program synthesis in administration of higher-order permissions
Proceedings of the 16th ACM symposium on Access control models and technologies
An authorization scheme for version control systems
Proceedings of the 16th ACM symposium on Access control models and technologies
Hi-index | 0.00 |
An apparently prevailing myth is that safety is undecidable in Discretionary Access Control (DAC); therefore, one needs to invent new DAC schemes in which safety analysis is decidable. In this paper, we dispel this myth. We argue that DAC should not be equated with the Harrison-Ruzzo-Ullman access matrix scheme, in which safety is undecidable. We present an efficient (running time cubic in its input size) algorithm for deciding safety in the Graham-Denning DAC scheme, which subsumes the DAC schemes used in the literature on comparing DAC with other access control models. We also counter several claims made in recent work by Solworth and Sloan, in which the authors present a new access control scheme based on labels and relabelling and assert that it can implement the full range of DAC models. We present a precise characterization of their access control scheme and show that it does not adequately capture a relatively simple DAC scheme.