The Separation of Duty with Privilege Calculus

نویسندگان

Chenggong Lv

Jun Wang

Lu Liu

Weijia You

چکیده

This paper presents Privilege Calculus (PC) as a new approach of knowledge representation for Separation of Duty (SD) in the view of process and intents to improve the reconfigurability and traceability of SD. PC presumes that the structure of SD should be reduced to the structure of privilege and then the regulation of system should be analyzed with the help of forms of privilege.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

A Privilege Separation Method for Security Commercial Transactions

Privilege user is needed to manage the commercial transactions, but a super-administrator may have monopolize power and cause serious security problem. Relied on trusted computing technology, a privilege separation method is proposed to satisfy the security management requirement for information systems. It authorizes the system privilege to three different managers, and none of it can be inter...

متن کامل

It's been a privilege: advising patients of the Tarasoff duty and its legal consequences for the federal psychotherapist-patient privilege.

State laws modeled on Tarasoff v. Regents of the University of California require psychotherapists to warn potential victims or law enforcement when treating dangerous patients who make serious threats of harm to another person. In practice, many psychotherapists advise their patients who make such threats about their duty under these Tarasoff-model laws. Although they are not required to make ...

متن کامل

A temporal-logic extension of role-based access control covering dynamic separation of duties

Security policies play an important role in today’s computer systems. We show some severe limitations of the widespread standard role-based access control (RBAC) model, namely that object-based dynamic separation of duty as introduced by Nash and Poland cannot be expressed with it. We suggest to overcome these limitations by extending the RBAC model with an execution history. The natural next s...

متن کامل

A role and context based security model

Security requirements approached at the enterprise level initiate the need for models that capture the organisational and distributed aspects of information usage. Such models have to express organisation-specific security policies and internal controls aiming to protect information against unauthorised access and modification, and against usage of information for unintended purposes. This diss...

متن کامل

Preventing Privilege Escalation

Many operating system services require special privilege to execute their tasks. A programming error in a privileged service opens the door to system compromise in the form of unauthorized acquisition of privileges. In the worst case, a remote attacker may obtain superuser privileges. In this paper, we discuss the methodology and design of privilege separation, a generic approach that lets part...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}

با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره شماره

صفحات -

تاریخ انتشار 2008

The Separation of Duty with Privilege Calculus

نویسندگان

چکیده

منابع مشابه

A Privilege Separation Method for Security Commercial Transactions

It's been a privilege: advising patients of the Tarasoff duty and its legal consequences for the federal psychotherapist-patient privilege.

A temporal-logic extension of role-based access control covering dynamic separation of duties

A role and context based security model

Preventing Privilege Escalation

عنوان ژورنال:

اشتراک گذاری