ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
A criterion-based multilayer access control approach for multimedia applications and the implementation considerations
Full text PdfPdf (3.10 MB)
Source
ACM Transactions on Multimedia Computing, Communications, and Applications (TOMCCAP) archive
Volume 5 ,  Issue 2  (November 2008) table of contents
Article No. 17  
Year of Publication: 2008
ISSN:1551-6857
Authors
Leon Pan  University of Regina, Regina, Canada
Chang N. Zhang  University of Regina, Regina, Canada
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 26,   Downloads (12 Months): 104,   Citation Count: 0
Additional Information:

abstract   references   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/1413862.1413870
What is a DOI?

ABSTRACT

In this article, a novel criterion-based multilayer access control (CBMAC) approach is presented to enhance existing access control models such as Role-Based, Mandatory, and Discretionary Access Control models to support multilayer (multilevel) access control. The proposed approach is based on a set of predefined security criteria which are extracted from authorization rules. The security attributes of objects and users are specified by security criterion expressions (serving as locks) and the elements (serving as keys) of security criterion subsets respectively. An object embedded with a number of security criterion expressions becomes a secure object while a user associated with a security criterion subset is called a secure user. The multilayer access control is achieved by evaluating the embedded security criterion expressions (actuating locks) by the elements (keys) in a user's security criterion subset. The paper also provides the details of integrating the proposed approach with existing access control models and presents the implementation considerations of Criterion-Based Role-Based Multilayer Access Control, the integration of CBMAC and Role-Based Access Control.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
N. R. Adam , V. Atluri , E. Bertino , E. Ferrari, A Content-Based Authorization Model for Digital Libraries, IEEE Transactions on Knowledge and Data Engineering, v.14 n.2, p.296-315, March 2002  [doi>10.1109/69.991718]
 
2
Leonard J. LaPadula , D. Elliott Bell, MITRE technical report 2547, volume II, Journal of Computer Security, v.4 n.2-3, p.239-263, Jan. 1996
3
Elisa Bertino , Jianping Fan , Elena Ferrari , Mohand-Said Hacid , Ahmed K. Elmagarmid , Xingquan Zhu, A hierarchical access control model for video database systems, ACM Transactions on Information Systems (TOIS), v.21 n.2, p.155-191, April 2003  [doi>10.1145/763693.763695]
 
4
Bertino, E., Ferrari, E., and Perego, A. 2002. Max: An access control system for digital libraries and the Web, http://semioweb.msh-paris.fr/euforbia/download/max.pdf
5
Elisa Bertino , Moustafa A. Hammad , Walid G. Aref , Ahmed K. Elmagarmid, An access control model for video database systems, Proceedings of the ninth international conference on Information and knowledge management, p.336-343, November 06-11, 2000, McLean, Virginia, United States  [doi>10.1145/354756.354838]
 
6
Damiani, E., De Capitani di Vimercati, S., and Samarati, P. 2005. New paradigms for access control in open environments. In Proceedings of the 5th IEEE International Symposium on Signal Processing and Information.
 
7
Damiani, E., De Capitani S., Fernandez-Medina, E., and Samarati, P. 2002. An access control system for SVG documents. In Proceedings of the 16th Annual IFIP WG11.3 Workshop Conference on Data and Application Security.
 
8
Fernandez-Medina, E., Ruiz, G., and De Capitani, di Vimerati, S. 2003. Implementing an Access Control System for SVG Documents. Lecture Notes in Computer Science. 741--753.
 
9
Kodali, N., Farkas C., and Wijesekera, D. Multimedia Access Control using RDF Metadata. http://www.cse.sc.edu/~farkas/publications/c11.pdf
 
10
Kosch, H. 2004. Distributed Multimedia Database Technologies Supported by MPEG-7 and MPEG-21, CEC Press.
 
11
B.S. Manjunath , Phillipe Salembier , Thomas Sikora, Introduction to MPEG-7: Multimedia Content Description Interface, John Wiley & Sons, Inc., New York, NY, 2002
 
12
National Computer Security Center. 1987. A guide to understanding discretionary access control in trusted systems. http://www.radium.ncsc.mil/tpep/library/rainbow/NCSC-TG-003.html
 
13
Leon Pan , Chang N. Zhang, A Criterion-Based Role-Based Multilayer Access Control Model for Multimedia Applications, Proceedings of the Eighth IEEE International Symposium on Multimedia, p.145-152, December 11-13, 2006  [doi>10.1109/ISM.2006.1]
14
Jaehong Park , Ravi Sandhu, The UCONABC usage control model, ACM Transactions on Information and System Security (TISSEC), v.7 n.1, p.128-174, February 2004  [doi>10.1145/984334.984339]
15
Fausto Rabitti , Elisa Bertino , Won Kim , Darrell Woelk, A model of authorization for next-generation database systems, ACM Transactions on Database Systems (TODS), v.16 n.1, p.88-131, March 1991  [doi>10.1145/103140.103144]
 
16
Salembier, P. and Smith, J. R. 2001. MPEG-7 multimedia description schemes. IEEE Trans. Circ. Syst. Video Techn. 11, 6, 748--759.
 
17
Ravi S. Sandhu , Edward J. Coyne , Hal L. Feinstein , Charles E. Youman, Role-Based Access Control Models, Computer, v.29 n.2, p.38-47, February 1996  [doi>10.1109/2.485845]
 
18
W3C Recommendation. 2004. XML schema part 0: Primer second edition, http://www.w3.org/TR/xmlschema-0/.
 
19
W3C Recommendation. 2004. XML Schema part 1: Structures second edition, http://www.w3.org/TR/2004/REC-xmlschema-1-20041028/structures.html
 
20
W3C Recommendation. 2004. XML Schema part 2: Datatypes second edition, http://www.w3.org/TR/2004/REC-xmlschema-2-20041028/datatypes.html
 
21
Priscilla Walmsley, Definitive XML Schema, Prentice Hall PTR, Upper Saddle River, NJ, 2001
22
Lingyu Wang , Duminda Wijesekera , Sushil Jajodia, A logic-based framework for attribute based access control, Proceedings of the 2004 ACM workshop on Formal methods in security engineering, October 29-29, 2004, Washington DC, USA  [doi>10.1145/1029133.1029140]
 
23
Eric Yuan , Jin Tong, Attributed Based Access Control (ABAC) for Web Services, Proceedings of the IEEE International Conference on Web Services, p.561-569, July 11-15, 2005  [doi>10.1109/ICWS.2005.25]

INDEX TERMS

Primary Classification:
  D. Software
  D.4 OPERATING SYSTEMS
      D.4.6 Security and Protection
          Subjects: Access controls

Additional Classification:
  H. Information Systems
  H.5 INFORMATION INTERFACES AND PRESENTATION (I.7)
      H.5.1 Multimedia Information Systems

  K. Computing Milieux
  K.6 MANAGEMENT OF COMPUTING AND INFORMATION SYSTEMS
      K.6.5 Security and Protection (D.4.6, K.4.2)


General Terms:
Security


Keywords:
Multilayer access control, secure object, secure permission, secure user, security criterion

Collaborative Colleagues:
Leon Pan: colleagues
Chang N. Zhang: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player