Extended Role Based Access Control with Procedural Constraints for Trusted Operating Systems

Authors:
Wook Shin;Jong-Youl Park;Dong-Ik Lee
Affiliations:
The authors are with the Department of Information and Communications, Kwang-Ju Institute of Science and Technology, Gwang-Ju, 500-712, Korea. E-mail: sunihill@kjist.ac.kr;The authors are with the Department of Information and Communications, Kwang-Ju Institute of Science and Technology, Gwang-Ju, 500-712, Korea. E-mail: sunihill@kjist.ac.kr;The authors are with the Department of Information and Communications, Kwang-Ju Institute of Science and Technology, Gwang-Ju, 500-712, Korea. E-mail: sunihill@kjist.ac.kr
Venue:
IEICE - Transactions on Information and Systems
Year:
2005

Citing 0
Cited 2

Enforcement of integrated security policy in trusted operating systems

IWSEC'07 Proceedings of the Security 2nd international conference on Advances in information and computer security
Design and implementation of an extended reference monitor for trusted operating systems

ISPEC'06 Proceedings of the Second international conference on Information Security Practice and Experience

Quantified Score

Hi-index	0.00

Visualization

Abstract

The current scheme of access control judges the legality of each access based on immediate information without considering associate information hidden in a series of accesses. Due to the deficiency, access control systems do not efficiently limit attacks consist of ordinary operations. For trusted operating system developments, we extended RBAC and added negative procedural constraints to refuse those attacks. With the procedural constraints, the access control of trusted operating systems can discriminate attack trials from normal behaviors. This paper shows the specification of the extended concept and model, and presents simple analysis results.