On Testing for Absence of Rights in Access Control
نویسنده
چکیده
The well-known access control model formalized by Harrison, Ruzzo, and Ullman (HRU) does not allow testing for absence of access rights in its commands. Sandhu's Typed Access Matrix (TAM) model, which introduces strong typing into the HRU model, continues this tradition. Ammann and Sandhu have recently proposed an extension of TAM called augmented TAM (ATAM), which allows testing for absence of rights. The motivation for ATAM is to express policies for dynamic separation of duties based on transaction control expressions. In this paper we study the question of whether or not testing for absence of access rights adds fundamental expressive power. We show that TAM and ATAM are formally equivalent in their expressive power. However, our construction indicates that while testing for absence of rights is theoretically unnecessary , such testing appears to be practically beneecial.
منابع مشابه
An automatic test case generator for evaluating implementation of access control policies
One of the main requirements for providing software security is the enforcement of access control policies which aim to protect resources of the system against unauthorized accesses. Any error in the implementation of such policies may lead to undesirable outcomes. For testing the implementation of access control policies, it is preferred to use automated methods which are faster and more relia...
متن کاملOn Testing for Absence of Rights in Access Control Models
The well-known access control model formalized by Harrison, Ruzzo, and Ullman (HRU) does not allow testing for absence of access rights in its commands. Sandhu's Typed Access Matrix (TAM) model, which introduces strong typing into the HRU model, continues this tradition. Ammann and Sandhu have recently proposed an extension of TAM called augmented TAM (ATAM), which allows testing for absence of...
متن کامل«نامه سردبیری» انگ اجتماعی مرتبط با HIV: معضلی برای پیشگیری از گسترش HIV
HIV/AIDS is a global health concern that spans three decades of its emergence(1). However, it remains a complex, unique issue among experts. While HIV/AIDS is medically recognized as a chronic, fatal disease, there is a social stigma attached to the disease, which targets the dignity of the patients. In addition to the burden of the disease, stress, and fear of death, an HIV-infected patient is...
متن کاملLow Power March Memory Test Algorithm for Static Random Access Memories (TECHNICAL NOTE)
Memories are most important building blocks in many digital systems. As the Integrated Circuits requirements are growing, the test circuitry must grow as well. There is a need for more efficient test techniques with low power and high speed. Many Memory Built in Self-Test techniques have been proposed to test memories. Compared with combinational and sequential circuits memory testing utilizes ...
متن کاملAccessibility to the Public Facilities: A Mean to Achieve Civil Rights of the People with Disabilities in Iran
Objectives: Civil rights may cover different aspects of citizens’ lives. All the members of the society should have equal access to the public facilities and public transportation system. Barriers and obstacles in society may limit the accessibility of these facilities to the disabled people. Methods: This article contains a part of the results in a phenomenological study of the Disability R...
متن کامل