CERIAS Tech Report 2005-83 A THEORY BASED ON SECURITY ANALYSIS FOR COMPARING THE EXPRESSIVE POWER OF ACCESS CONTROL MODELS
نویسنده
چکیده
Tripunitara, Mahesh V. Ph.D., Purdue University, December, 2005. A Theory Based on Security Analysis for Comparing the Expressive Power of Access Control Models. Major Professor: Ninghui Li. We present a theory for comparing the expressive power of access control models. Our theory is based on reductions that preserve the results of security analysis. Security analysis is an approach to the verification of security policies in access control systems. We demonstrate the effectiveness of the theory by applying it in several cases. Also, we present related results on safety analysis in Discretionary Access Control (DAC) and security analysis in Role-Based Access Control (RBAC).
منابع مشابه
A theory for comparing the expressive power of access control models
Comparing the expressive power of access control models is recognized as a fundamental problem in computer security. While such comparisons are generally based on simulations between different access control schemes, the definitions for simulations that are used in the literature are informal, and make it impossible to put results and claims about the expressive power of access control models i...
متن کاملA theory for comparing the expressive power of access control models 1
We present a theory for comparing the expressive power of access control models. The theory is based on simulations that preserve security properties. We perceive access control systems as state-transition systems and present two kinds of simulations, reductions and state-matching reductions. In applying the theory, we highlight four new results and discuss these results in the context of other...
متن کاملEquivalence of Group-Centric Collaboration with Expedient Insiders (GEI) and LBAC with Collaborative Compartments (LCC)
Equivalence of access control models can be proved by comparing their expressive power. Tripunitara and Li [3] have given a generalized theoretical formulation for comparing expressive power of access control models via simulations that preserve security properties which are called state matching reductions. This report gives a formal proof of a state matching reduction from Group-Centric Colla...
متن کاملCERIAS Tech Report 2005-11 REMOTE REVOCATION OF SMART CARDS IN A PRIVATE DRM SYSTEM
We describe a DRM smartcard-based scheme in which content access requests are not linked to a user’s identity or smartcard, and in which compromised cards can be revoked without the need to communicate with any card (whether revoked or not). The scheme has many other features, such as efficiency and requiring minimal interaction to process an access request (no complex interactive protocols), f...
متن کاملA semantic-aware role-based access control model for pervasive computing environments
Access control in open and dynamic Pervasive Computing Environments (PCEs) is a very complex mechanism and encompasses various new requirements. In fact, in such environments, context information should be used in access control decision process; however, it is not applicable to gather all context information completely and accurately all the time. Thus, a suitable access control model for PCEs...
متن کامل