With discretionary access control (DAC) policies, authorization to perform operations on an object is controlled by the object’s owner or by principals whose authority can be traced back to that owner. The goals of an institution, however, might not align with those of any individual. So for systems intended to support institutions, a more natural basis for authorization is rules set by the ins...

The paper presents revocation schemes in role-based access control models. We are particularly interested in two key issues: how to perform the revocation and how to manage the revocation policy. We show how to deal with these two aspects in our delegation model based on the OrBAC formalism and its administration licence concept. This model provides means to manage several types of of delegatio...

Modern distributed systems tend to be conglomer-ates of heterogeneous subsystems, which have been designed separately, by diierent people, with little, if any, knowledge of each other | and which may be governed by diierent security policies. A single software agent operating within such a system may nd itself interacting with, or even belonging to, several subsystems, and thus be subject to se...

The latest researches on access control model are dramatically different from conventional ones. Nowadays, most attention is paid to accessing across organizational boundaries. So, how to identify the applicant and determine authorization with limited information; how to express and exchange control rules expediently; how to protect confidential information and enhance collaboration simultaneou...

The integration of WLANs and 3G networks has recently attracted much attention. To support seamless service between 3G and WLAN networks, low latency access control mechanisms of the two networks are highly required. This work presents a novel access control mechanism, which aims to support seamless services for an integrated 3G-WLAN network. The proposed method, based on a loose coupling archi...

Access control policies often are partly static, i.e. no dependence on any run-time information, and partly dynamic. However, they are usually enforced dynamically even the static parts. We propose a new hybrid approach to policy enforcement in the Category-Based Access Control (CBAC) meta-model. We build on previous work, which established a static system for the enforcement of (static) hierar...

Abstract: Situations can arise in which organizations have to merge policies that are based on different access control frameworks, such as Role Based Access Control (RBAC) and Mandatory Access Control (MAC). Integrating policies requires addressing the following question: How will the integration impact access to protected resources? In particular, one needs to determine that the integration d...

There has been for several years a growing interest in defining new access control models and administration facilities for these models. Several models have observed that only structuring the model using the concept of roles as in RBAC is not sufficient to administer decentralized enterprises. These models have suggested to consider new concepts such as organization (as in OrBAC) or domain (as...

Even though the final objective of an access control model is to provide a framework to decide if actions performed by subjects on objects are permitted or not, it is not convenient to directly specify an access control policy using concepts of subjects, objects and actions. This is why the Role Based Access Control (RBAC) model suggests using a more abstract concept than subject to specify a p...

Our role-based/mandatory access control (RBAC/MAC) security model and enforcement framework for inter-operating legacy, COTS, GOTS, databases, servers, etc., limits: who (user/user role) can invoke which methods (based on value and MAC level) of artifact APIs at what times, and who (user) can delegate which responsibility (user role) at what times. In this chapter, we focus on assurance for the...