Expressive Power of the Single - ObjectTyped Access Matrix
نویسندگان
چکیده
The single-object typed access matrix (SOTAM) model was recently introduced in the literature by Sandhu and Suri. It is a special case of Sandhu's typed access matrix (TAM) model. In SOTAM individual commands are restricted to modifying exactly one column of the access matrix (whereas individual TAM commands in general can modify multiple columns). Sandhu and Suri have outlined a simple implementation of SOTAM in a distributed environment using the familiar client-server architecture. In particular the stipulation that each command modiies a single column of the access matrix, is reeected in the desirable property that each command modiies a single access control list corresponding to that column. In this paper we show that TAM and SOTAM are formally equivalent in their expressive power. This result establishes that SOTAM has precisely the same expressive power as TAM, while having a simple implementation at the same time. In a nutshell, this result tells us that manipulation of access control information can be achieved in its most general form by manipulation of a single access control list (ACL) at a time. their support and encouragement in making this work possible.
منابع مشابه
Expressive power of the single-object typed access matrix model
The single-object typed access matrix (SOTAM) model was recently introduced in the literature by Sandhu and Suri. It is a special case of Sandhu's typed access matrix (TAM) model. In SOTAM individual commands are restricted to modifying exactly one column of the access matrix (whereas individual TAM commands in general can modify multiple columns). Sandhu and Suri have outlined a simple impleme...
متن کاملA theory for comparing the expressive power of access control models
Comparing the expressive power of access control models is recognized as a fundamental problem in computer security. While such comparisons are generally based on simulations between different access control schemes, the definitions for simulations that are used in the literature are informal, and make it impossible to put results and claims about the expressive power of access control models i...
متن کاملImplementation Considerations for the Typed Access Matrix Model in a Distributed Environment
The typed access matrix (TAM) model was recently de ned by Sandhu. TAM combines the strong safety properties for propagation of access rights obtained in Sandhu's Schematic Protection Model, with the natural expressive power of Harrison, Ruzzo, and Ullman's model. In this paper we consider the implementation of TAM in a distributed environment. To this end we propose a simpli ed version of TAM ...
متن کاملA theory for comparing the expressive power of access control models 1
We present a theory for comparing the expressive power of access control models. The theory is based on simulations that preserve security properties. We perceive access control systems as state-transition systems and present two kinds of simulations, reductions and state-matching reductions. In applying the theory, we highlight four new results and discuss these results in the context of other...
متن کاملABAM: An Attribute-Based Access Matrix Model
In traditional access control models like mandatory access control (MAC), discretionary access control (DAC), and role-based access control (RBAC), authorization decisions are determined according to the identities of subjects and objects, which are authenticated by a system completely. Recent access control practices, such as digital rights management (DRM), trust management, and usage control...
متن کامل