Implementing Transaction Control Expressions byChecking for Absence of Access
نویسندگان
چکیده
Separation of duties is an important, real-world requirement that access control models should support. In 13], Sandhu introduced the transaction control expression (TCE) for specifying dynamic separation of duties. In this paper we consider the implementation of TCEs in the typed access matrix model (TAM) recently proposed by Sandhu 16]. We show that TAM requires extension for satisfactory handling of dynamic separation of duties. In particular, dynamic separation requires the capability to explicitly test for the absence of rights in cells of the access matrix. We illustrate how TAM, extended to incorporate such tests, can implement TCEs. We also discuss the impact of checks for absence of rights on safety analysis (i.e., the determination of whether or not a given subject can acquire a given right to a given object).
منابع مشابه
Implementing transaction control expressions by checking for absence of access rights
Separation of duties is an important, real-world requirement that access control models should support. In [13], Sandhu introduced the transaction control expression (TCE) for specifying dynamic separation of duties. In this paper we consider the implementation of TCEs in the typed access matrix model (TAM) recently proposed by Sandhu [16]. We show that TAM requires extension for satisfactory h...
متن کاملOn Testing for Absence of Rights in Access Control
The well-known access control model formalized by Harrison, Ruzzo, and Ullman (HRU) does not allow testing for absence of access rights in its commands. Sandhu's Typed Access Matrix (TAM) model, which introduces strong typing into the HRU model, continues this tradition. Ammann and Sandhu have recently proposed an extension of TAM called augmented TAM (ATAM), which allows testing for absence of...
متن کاملOn Testing for Absence of Rights in Access Control Models
The well-known access control model formalized by Harrison, Ruzzo, and Ullman (HRU) does not allow testing for absence of access rights in its commands. Sandhu's Typed Access Matrix (TAM) model, which introduces strong typing into the HRU model, continues this tradition. Ammann and Sandhu have recently proposed an extension of TAM called augmented TAM (ATAM), which allows testing for absence of...
متن کاملA hybrid approach for database intrusion detection at transaction and inter-transaction levels
Nowadays, information plays an important role in organizations. Sensitive information is often stored in databases. Traditional mechanisms such as encryption, access control, and authentication cannot provide a high level of confidence. Therefore, the existence of Intrusion Detection Systems in databases is necessary. In this paper, we propose an intrusion detection system for detecting attacks...
متن کاملSecure Interoperation of Secure Distributed Databases an Architecture Veriication Case Study
This paper describes the process of implementing an architecture for secure distributed transaction processing, the process of verifying that it has the desired security properties, and the implementation that resulted. The implementation and veriication processes provided us with valuable experience relevant to answering several questions posed by our research on transformational development o...
متن کامل