Access control models and security labelling

Authors:
Chuchang Liu;Angela Billard;Maris Ozols;Nikifor Jeremic
Affiliations:
Defence Science and Technology Organisation, Edinburgh, Australia;Defence Science and Technology Organisation, Edinburgh, Australia;Defence Science and Technology Organisation, Edinburgh, Australia;Defence Science and Technology Organisation, Edinburgh, Australia
Venue:
ACSC '07 Proceedings of the thirtieth Australasian conference on Computer science - Volume 62
Year:
2007

Citing 10
Cited 0

The SLam calculus: programming with secrecy and integrity

POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
ASN.1: communication between heterogeneous systems

ASN.1: communication between heterogeneous systems
Protecting privacy using the decentralized label model

ACM Transactions on Software Engineering and Methodology (TOSEM)
Untrusted hosts and confidentiality: secure program partitioning

SOSP '01 Proceedings of the eighteenth ACM symposium on Operating systems principles
Lattice-Based Access Control Models

Computer
Protecting Confidentiality against Trojan Horse Programs in Discretionary Access Control System

ACISP '00 Proceedings of the 5th Australasian Conference on Information Security and Privacy
Dealing with Multi-policy Security in Large Open Distributed Systems

ESORICS '98 Proceedings of the 5th European Symposium on Research in Computer Security
Role-Based Access Control

Role-Based Access Control
A Security Model of Dynamic Labeling Providing a Tiered Approach to Verification

SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
Towards security labelling

ACSC '06 Proceedings of the 29th Australasian Computer Science Conference - Volume 48

Quantified Score

Hi-index	0.00

Visualization

Abstract

Security labels convey information that is utilised to perform access control decisions, specify protective measures, and aid in the determination of additional handling restrictions required by security policies. In discussing security labelling, one of the most important aspects is to investigate access control models and obtain an appropriate technique for specifying the kind of security policies that are required. One problem with previous approaches to the specification of access control policies is that they are based on an idealisation of the real problem and give a first approximation: may or may not a subject access a given object? The binary, logical function is the essential starting point, but is generally insufficient to guide the hard decisions that are required by a variety of applications in the real world. Focusing on the issues regarding security labelling, this paper first proposes a technique for expressing need-to-know policies that are regarded as the basis for security labelling and should be followed in the labelling process. Then, based on the proposed lattice access control model dealing with both security levels and categories of objects, several security labelling principles are given. Finally, we propose a dynamic model for security labelling that not only provides support for dynamic labelling within a system but also a functional base for the design and implementation of a security labelling system.