Abstract
We present a new model that provides clear and precise semantics for authorization. The semantics is independent from underling security mechanisms and is separate from implementation. The model is capable of representing existing access control mechanisms. Our approach is based on set and function formalism. We focus our attention on identifying issues and use our model as a general basis to investigate the issues.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Abadi, M., Burrows, M., Lampson, B. and Plotkin, G.: A calculus for Access Control in Distributed Systems. ACM Transactions on Programming Languages and Systems, Vol. 15,No 4 (September 1993) 706–734
Gail-Joon Ahn and Sandhu, R.: The RSL99 Language for Role-Based Separation of Duty Constraints. ACM Workshop on Role-Based Access Control (1999) 43–54
Bertino, E. and Jajodia, S.: Supporting Multiple Access Control Policies in Database Systems. Proceedings of the 1996 IEEE Symposium on Security and Privacy (1996)
Blaze, M., Feigenbaum, J. and Lacy, J.: Decentralized Trust Management. Proceedings IEEE Symposium on Security and Privacy, IEEE Computer Press, Los Angeles (1996) 164–173
Blaze, M., Feigenbaum, J., Strauss, M.: Compliance Checking in the Policy Maker Trust Management System. In Proceedings of the Financial Cryptography’ 98, Lecture Notes in Computer Science, Vol. 1465 254–274
Brewer, D.F.C. and Nash, M.J.: The Chinese Wall Security Policy. Proceedings of the 1989 IEEE Symposium on Security and Privacy, pages (1989) 206–214
Jajodia, S., Samarati, P. and Subrahmanian, V.S.: A logical Language for Expressing Authorizations. Proceedings of the 1997 IEEE Symposium on Security and Privacy (1997)
Lampson, B.: Protection. ACM Operation System review 8(1) (January 1974) 18–24
Lukasiewicz, J.: On Three-Valued Logic. 1920. RuchFilozoficzny 1920, 5, pp.170–1. Englishtr anslation in Borkowski, L. (ed.) Jan Lukasiewicz: Selected Works. Amsterdam: North Holland (1970)
Massimo, A., Cazzola, W., Fernandez, E.B.: A History-Dependent Access Control Mechanism Using Reflection Proceedings of 5thECOOP Workshop on Mobile Object Systems (EWMOS’99), (June 1999)
Moffet, J.D. and Sloman, M.S.: The representation of Policies as System objects. Proceedings of the ACM Conference on Organizational Computing Systems, Atlanta, GA (November 1991) 171–184
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2001 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Ryutov, T., Neuman, C. (2001). The Set and Function Approach to Modeling Authorization in Distributed Systems. In: Gorodetski, V.I., Skormin, V.A., Popyack, L.J. (eds) Information Assurance in Computer Networks. MMM-ACNS 2001. Lecture Notes in Computer Science, vol 2052. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45116-1_20
Download citation
DOI: https://doi.org/10.1007/3-540-45116-1_20
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-42103-0
Online ISBN: 978-3-540-45116-7
eBook Packages: Springer Book Archive