Comparison of Access Control Administration Models
نویسندگان
چکیده
There exist many access control models in the literature, and several models are emerging each year. Yet, there is no formal taxonomy to compare the administrative features of these models. We propose a novel formalism to compare access control administration models based on their expressivity in a) administrative decentralization and b) conflict resolution. The contribution is a taxonomy by which one can categorize a given access control administration model in the space of all models within two axes: axis of decentralization degree of administration and axis of interpretation level of conflict resolution. In particular, five degrees of decentralization and four levels of interpretation are developed, as guidelines. Finally, six well-known administration models, including the widely used System R, are compared by using this technique. We conclude how the comparison can intuitively comment on each model in the context of their administrative functionality, performance, and security.
منابع مشابه
Comparison between rectal administration of diazepam in solution and intravenous administration for management of convulsive disorders in infants and children
In order to compare rectal and intravenous(IV) administration of diazepam for management of convulsions,a prospective cross-sectional case-control study was conducted on 94 convulsive infants and children referring to the Emergency department of the university hospital No.1 in Kerman.all children were randomly divided into two groups.the patients were matched with regard to the cause,type,durat...
متن کاملCAMAC: a context-aware mandatory access control model
Mandatory access control models have traditionally been employed as a robust security mechanism in multilevel security environments such as military domains. In traditional mandatory models, the security classes associated with entities are context-insensitive. However, context-sensitivity of security classes and flexibility of access control mechanisms may be required especially in pervasive c...
متن کاملPrivacy Preserving Dynamic Access Control Model with Access Delegation for eHealth
eHealth is the concept of using the stored digital data to achieve clinical, educational, and administrative goals and meet the needs of patients, experts, and medical care providers. Expansion of the utilization of information technology and in particular, the Internet of Things (IoT) in eHealth, raises various challenges, where the most important one is security and access control. In this re...
متن کاملThe Role-Based Access Control System
Research in the area of role-based access control has made fast progress over the last few years. However, little has been done to identify and describe existing role-based access control systems within large organisations. This paper describes the access control system of a major European Bank. An overview of the system’s structure, its administration and existing control principles constraini...
متن کاملTowards a Scalable Role and Organization Based Access Control Model with Decentralized Security Administration
AbStrAct This chapter addresses the problem that traditional role-base access control (RBAC) models do not scale up well for modeling security policies spanning multiple organizations. After reviewing recently proposed Role and Organization Based Access Control (ROBAC) models, an administrative ROBAC model called AROBAC07 is presented and formalized in this chapter. Two examples are used to mot...
متن کامل