A high level language for conventional access control models

Yun Bai; Vijay Varadharajan

doi:10.1007/bfb0053740

A high level language for conventional access control models

Yun Bai, Vijay Varadharajan

School of Computer, Data & Mathematical Sciences

Research output: Chapter in Book / Conference Paper › Conference Paper › peer-review

Abstract

A formal language to specify general access control policies and their sequences of transformations has been proposed in [1]. The access control policy was specified by a domain description which consisted of a finite set of initial policy propositions, policy transformation propositions and default propositions. Usually, access control models are falls into two conventional categories: discretionary access control(DAC) and mandatory access control(MAC). Traditional DAC models basically enumerate all the subjects and objects in a system and regulate the access to the object based on the identity of the subject. It can be best represented by the HRU's access control matrix [4]. While on the other hand, MAC models are lattice based models, in the sense that each subject and object is associated with a sensitivity level which forms a lattice [3]. In this paper, we intend to demonstrate that both a DAC-like model and a MAC-like model can be realized by an approach using our formal language. We also discuss some other related works.

Original language	English
Title of host publication	Information Security and Privacy - 3rd Australasian Conference, ACISP 1998, Proceedings
Editors	Colin Boyd, Ed Dawson
Publisher	Springer Verlag
Pages	273-283
Number of pages	11
ISBN (Print)	3540647325, 9783540647324
DOIs	https://doi.org/10.1007/bfb0053740
Publication status	Published - 1998
Event	3rd Australasian Conference on Information Security and Privacy, ACISP 1998 - Brisbane, Australia Duration: 13 Jul 1998 → 15 Jul 1998

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	1438
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	3rd Australasian Conference on Information Security and Privacy, ACISP 1998
Country/Territory	Australia
City	Brisbane
Period	13/07/98 → 15/07/98

Bibliographical note

Publisher Copyright:
© Springer-Verlag Berlin Heidelberg 1998.

Keywords

Access control model
Authorization policies
Formal language
Policy transformations

Access to Document

10.1007/bfb0053740

Cite this

Bai, Y., & Varadharajan, V. (1998). A high level language for conventional access control models. In C. Boyd, & E. Dawson (Eds.), Information Security and Privacy - 3rd Australasian Conference, ACISP 1998, Proceedings (pp. 273-283). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 1438). Springer Verlag. https://doi.org/10.1007/bfb0053740

Bai, Yun ; Varadharajan, Vijay. / A high level language for conventional access control models. Information Security and Privacy - 3rd Australasian Conference, ACISP 1998, Proceedings. editor / Colin Boyd ; Ed Dawson. Springer Verlag, 1998. pp. 273-283 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{d932f3b729e2496bb44b0c8db887ec7f,

title = "A high level language for conventional access control models",

abstract = "A formal language to specify general access control policies and their sequences of transformations has been proposed in [1]. The access control policy was specified by a domain description which consisted of a finite set of initial policy propositions, policy transformation propositions and default propositions. Usually, access control models are falls into two conventional categories: discretionary access control(DAC) and mandatory access control(MAC). Traditional DAC models basically enumerate all the subjects and objects in a system and regulate the access to the object based on the identity of the subject. It can be best represented by the HRU's access control matrix [4]. While on the other hand, MAC models are lattice based models, in the sense that each subject and object is associated with a sensitivity level which forms a lattice [3]. In this paper, we intend to demonstrate that both a DAC-like model and a MAC-like model can be realized by an approach using our formal language. We also discuss some other related works.",

keywords = "Access control model, Authorization policies, Formal language, Policy transformations",

author = "Yun Bai and Vijay Varadharajan",

note = "Publisher Copyright: {\textcopyright} Springer-Verlag Berlin Heidelberg 1998.; 3rd Australasian Conference on Information Security and Privacy, ACISP 1998 ; Conference date: 13-07-1998 Through 15-07-1998",

year = "1998",

doi = "10.1007/bfb0053740",

language = "English",

isbn = "3540647325",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

pages = "273--283",

editor = "Colin Boyd and Ed Dawson",

booktitle = "Information Security and Privacy - 3rd Australasian Conference, ACISP 1998, Proceedings",

}

Bai, Y & Varadharajan, V 1998, A high level language for conventional access control models. in C Boyd & E Dawson (eds), Information Security and Privacy - 3rd Australasian Conference, ACISP 1998, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 1438, Springer Verlag, pp. 273-283, 3rd Australasian Conference on Information Security and Privacy, ACISP 1998, Brisbane, Australia, 13/07/98. https://doi.org/10.1007/bfb0053740

A high level language for conventional access control models. / Bai, Yun; Varadharajan, Vijay.
Information Security and Privacy - 3rd Australasian Conference, ACISP 1998, Proceedings. ed. / Colin Boyd; Ed Dawson. Springer Verlag, 1998. p. 273-283 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 1438).

Research output: Chapter in Book / Conference Paper › Conference Paper › peer-review

TY - GEN

T1 - A high level language for conventional access control models

AU - Bai, Yun

AU - Varadharajan, Vijay

N1 - Publisher Copyright: © Springer-Verlag Berlin Heidelberg 1998.

PY - 1998

Y1 - 1998

N2 - A formal language to specify general access control policies and their sequences of transformations has been proposed in [1]. The access control policy was specified by a domain description which consisted of a finite set of initial policy propositions, policy transformation propositions and default propositions. Usually, access control models are falls into two conventional categories: discretionary access control(DAC) and mandatory access control(MAC). Traditional DAC models basically enumerate all the subjects and objects in a system and regulate the access to the object based on the identity of the subject. It can be best represented by the HRU's access control matrix [4]. While on the other hand, MAC models are lattice based models, in the sense that each subject and object is associated with a sensitivity level which forms a lattice [3]. In this paper, we intend to demonstrate that both a DAC-like model and a MAC-like model can be realized by an approach using our formal language. We also discuss some other related works.

AB - A formal language to specify general access control policies and their sequences of transformations has been proposed in [1]. The access control policy was specified by a domain description which consisted of a finite set of initial policy propositions, policy transformation propositions and default propositions. Usually, access control models are falls into two conventional categories: discretionary access control(DAC) and mandatory access control(MAC). Traditional DAC models basically enumerate all the subjects and objects in a system and regulate the access to the object based on the identity of the subject. It can be best represented by the HRU's access control matrix [4]. While on the other hand, MAC models are lattice based models, in the sense that each subject and object is associated with a sensitivity level which forms a lattice [3]. In this paper, we intend to demonstrate that both a DAC-like model and a MAC-like model can be realized by an approach using our formal language. We also discuss some other related works.

KW - Access control model

KW - Authorization policies

KW - Formal language

KW - Policy transformations

UR - http://www.scopus.com/inward/record.url?scp=84956857285&partnerID=8YFLogxK

U2 - 10.1007/bfb0053740

DO - 10.1007/bfb0053740

M3 - Conference Paper

AN - SCOPUS:84956857285

SN - 3540647325

SN - 9783540647324

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 273

EP - 283

BT - Information Security and Privacy - 3rd Australasian Conference, ACISP 1998, Proceedings

A2 - Boyd, Colin

A2 - Dawson, Ed

PB - Springer Verlag

T2 - 3rd Australasian Conference on Information Security and Privacy, ACISP 1998

Y2 - 13 July 1998 through 15 July 1998

ER -

Bai Y, Varadharajan V. A high level language for conventional access control models. In Boyd C, Dawson E, editors, Information Security and Privacy - 3rd Australasian Conference, ACISP 1998, Proceedings. Springer Verlag. 1998. p. 273-283. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/bfb0053740

A high level language for conventional access control models

Abstract

Publication series

Conference

Bibliographical note

Keywords

Access to Document

Other files and links

Fingerprint

Cite this