Safety and Liveness for an RBAC/MAC Security Model

نویسندگان

  • Charles E. Phillips
  • Steven A. Demurjian
  • T. C. Ting
چکیده

Our role-based/mandatory access control (RBAC/MAC) security model and enforcement framework for inter-operating legacy, COTS, GOTS, databases, servers, etc., limits: who (user/user role) can invoke which methods (based on value and MAC level) of artifact APIs at what times, and who (user) can delegate which responsibility (user role) at what times. In this chapter, we focus on assurance for the timeframe of access (of a user to a role, of a role to a method, etc.) and the attainment of the Simple Security Property (i.e., a subject cannot read information for which it is not cleared) and Simple Integrity Property (i.e., a subject is limited to writing information at its own level and lower), which together can be used to support safety and liveness.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Security Assurance for a Resource-based Rbac/dac/mac Security Model

middle model. These constructs are used to build security assurance rules and authorizations which will be presented in Chapter 5 and provide the basis for our security enforcement framework and prototype (see Chapter 6). The chapter details the design assumptions required to clearly establish the security model environment and security assurance requirements. This chapter concludes with a disc...

متن کامل

Role Delegation for a Distributed, Unified RBAC/MAC*

The day-today operations of corporations and government agencies rely on inter-operating legacy, COTs, databases, clients, servers, etc., which are brought together into a distributed environment running middleware (e.g., CORBA, JINI, DCOM, etc.). Both access control and security assurance within these distributed applications is paramount. Of particular concern is the delegation of authority, ...

متن کامل

Formal Analysis of Workflow Systems with Security Considerations

Security considerations, such as role-based access control (RBAC) mechanism and separation of duty (SoD) constraints, are important and integral to workflow systems. We propose the use of an equation-based method – the OTS/CafeOBJ method to specify workflow systems with such security considerations, and verify some desired safety and liveness properties of workflow systems. Specifically, a work...

متن کامل

Integrating Access Control into UML for Secure Software Modeling and Analysis

Access control models are often an orthogonal activity when designing, implementing, and deploying software applications. Role-based access control (RBAC) which targets privileges based on responsibilities within an application and mandatory access control (MAC) that emphasizes the protection of information via security tags are two dominant approaches in this regard. The integration of access ...

متن کامل

Enforcing RBAC Policies over Data Stored on Untrusted Server (Extended Version)

One of the security issues in data outsourcing is the enforcement of the data owner’s access control policies. This includes some challenges. The first challenge is preserving confidentiality of data and policies. One of the existing solutions is encrypting data before outsourcing which brings new challenges; namely, the number of keys required to access authorized resources, efficient policy u...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2003