Extended Role Based Access Control with Procedural Constraints for Trusted Operating Systems
Authors
Abstract
The current scheme of access control judges the legality of each access based on immediate information, without considering the associated information hidden in a series of accesses. Due to this deficiency, access control systems do not efficiently limit attacks that consist of ordinary operations. For trusted operating system development, we extended RBAC and added negative procedural constraints to refuse those attacks. With the procedural constraints, the access control of trusted operating systems can discriminate attack trials from normal behaviors. This paper shows the specification of the extended concept and model, and presents simple analysis results.
Key words: trusted operating system, security kernel, reference monitor, secure operating system, access control, RBAC, procedural constraints
Similar resources
A Simple Implementation and Performance Evaluation Extended-Role Based Access Control
This paper addresses the complexity issues of extended-role based access control (E-RBAC) implemented under an embedded environment. Although E-RBAC can provide a more trusted environment than the traditional trusted operating systems by prohibiting the attacks consisting of ordinary operations, it is expected that its implementation has performance overhead due to the procedural constraints of E...
A Collaborative Role-Based Access Control for Trusted Operating Systems in Distributed Environment
The research community has shown considerable interest in studying access control in single Trusted Operating Systems (TOS). However, interactions among multiple TOSs have attracted relatively little attention. In this paper, we propose a Collaborative Role-Based Access Control (C-RBAC) model for distributed systems in which accesses across system domain boundaries are allowed. Access entities...
An Extension of Role Based Access Control for Trusted Operating Systems and Its Coloured Petri Net Model
The notion of trusted operating system was proposed to solve the security problems of current security solutions. Security solutions such as intrusion detection systems and firewalls have been used widely. However, they run at the application level of computer systems. Therefore many application-level processes, including hacking programs, can easily bypass them. Numerous bypassing techniques al...
A Role-Based Access Control Kernel for NetBSD
This paper looks at the traditional Unix security models, and introduces the Role-Based Access Control (RBAC) security model, a much more finely-grained operation and capability system already deployed in some versions of Trusted Solaris and AIX 6. The development model is discussed, along with various approaches to bringing RBAC kernels to a modern BSD kernel. Some implementation details are t...
The Policy Machine: A novel architecture and framework for access control policy specification and enforcement
The ability to control access to sensitive data in accordance with policy is perhaps the most fundamental security requirement. Despite over four decades of security research, the limited ability for existing access control mechanisms to generically enforce policy persists. While researchers, practitioners and policy makers have specified a large variety of access control policies to address re...
Journal title:
- IEICE Transactions
Volume 88-D, Issue
Pages -
Publication date: 2005