On Testing for Absence of Rights in Access Control Models

نویسندگان

  • Ravi S. Sandhu
  • Srinivas Ganta
چکیده

The well-known access control model formalized by Harrison, Ruzzo, and Ullman (HRU) does not allow testing for absence of access rights in its commands. Sandhu's Typed Access Matrix (TAM) model, which introduces strong typing into the HRU model, continues this tradition. Ammann and Sandhu have recently proposed an extension of TAM called augmented TAM (ATAM), which allows testing for absence of rights. The motivation for ATAM is to express policies for dynamic separation of duties based on transaction control expressions. In this paper we study the question of whether or not testing for absence of access rights adds fundamental expressive power. We show that TAM and ATAM are formally equivalent in their expressive power. However, our construction indicates that while testing for absence of rights is theoretically unnecessary, such testing appears to be practically bene cial.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

An automatic test case generator for evaluating implementation of access control policies

One of the main requirements for providing software security is the enforcement of access control policies which aim to protect resources of the system against unauthorized accesses. Any error in the implementation of such policies may lead to undesirable outcomes. For testing the implementation of access control policies, it is preferred to use automated methods which are faster and more relia...

متن کامل

On Testing for Absence of Rights in Access Control

The well-known access control model formalized by Harrison, Ruzzo, and Ullman (HRU) does not allow testing for absence of access rights in its commands. Sandhu's Typed Access Matrix (TAM) model, which introduces strong typing into the HRU model, continues this tradition. Ammann and Sandhu have recently proposed an extension of TAM called augmented TAM (ATAM), which allows testing for absence of...

متن کامل

On the minimality of testing for rights in transformation models

In this paper we de ne and analyze a family of access control models, called transformation models, which are based on the concept of transformation of rights. In these models, propagation of access rights is authorized entirely by existing rights for the object in question. Transformation models are useful for expressing various kinds of consistency, con dentiality, and integrity controls. The...

متن کامل

On the Minimality of Testing for Rights in Transformation

In this paper we deene and analyze a family of access control models, called transformation models, which are based on the concept of transformation of rights. In these models, propagation of access rights is authorized entirely by existing rights for the object in question. Transformation models are useful for expressing various kinds of consistency, conndentiality, and integrity controls. The...

متن کامل

Reactive Power Pricing Simultaneous Using Spot and Bilateral Market Models Considering Opportunity Cost

Reactive power as a utility of ancillary service in restructured environment is supplied by Independent System Operator (ISO). Due to the particular importance of optimal pricing strategy in the power market, the study aims to investigate this problem more closely. To this end, first the problems of restructuring, reactive power generation and its associated costs thereof were reviewed and diff...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 1993