ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Digital Library logoTake a look at the new version of this page: [ beta version ]. Tell us what you think.
The next 700 access control models or a unifying meta-model?
Full text PdfPdf (410 KB)
Source
Symposium on Access Control Models and Technologies archive
Proceedings of the 14th ACM symposium on Access control models and technologies table of contents
Stresa, Italy
SESSION: Model/meta-model and extensions table of contents
Pages: 187-196  
Year of Publication: 2009
ISBN:978-1-60558-537-6
Author
Steve Barker  King's College London, London, United Kingdom
Sponsors
SIGSAC: ACM Special Interest Group on Security, Audit, and Control
ACM: Association for Computing Machinery
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 23,   Downloads (12 Months): 181,   Citation Count: 1
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/1542207.1542238
What is a DOI?

ABSTRACT

We address some fundamental questions, which were raised by Atluri and Ferraiolo at SACMAT'08, on the prospects for and benefits of a meta-model of access control. We demonstrate that a meta-model for access control can be defined and that multiple access control models can be derived as special cases. An anticipated consequence of the contribution that we describe is to encourage researchers to adopt a meta-model view of access control rather than them developing the next 700 particular instances of access control models.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
ANSI. RBAC, 2004. INCITS 359-2004.
 
2
C. Baral and M. Gelfond. Logic programming and knowledge representation. JLP, 19/20:73--148, 1994.
3
Steve Barker , Marek J. Sergot , Duminda Wijesekera, Status-Based Access Control, ACM Transactions on Information and System Security (TISSEC), v.12 n.1, p.1-47, October 2008  [doi>10.1145/1410234.1410235]
4
Steve Barker , Peter J. Stuckey, Flexible access control policy specification with constraint logic programming, ACM Transactions on Information and System Security (TISSEC), v.6 n.4, p.501-546, November 2003  [doi>10.1145/950191.950194]
 
5
Moritz Becker , Cedric Fournet , Andrew Gordon, Design and Semantics of a Decentralized Authorization Language, Proceedings of the 20th IEEE Computer Security Foundations Symposium, p.3-15, July 06-08, 2007  [doi>10.1109/CSF.2007.18]
 
6
D. E. Bell and L. J. LaPadula. Secure computer system: Unified exposition and multics interpretation. MITRE-2997, 1976.
7
Elisa Bertino , Claudio Bettini , Elena Ferrari , Pierangela Samarati, An access control model supporting periodicity constraints and temporal reasoning, ACM Transactions on Database Systems (TODS), v.23 n.3, p.231-285, Sept. 1998  [doi>10.1145/293910.293151]
 
8
H. Boley, S. Tabet, and G. Wagner. Design rationale of ruleml: A markup language for semantic web rules. In SWWS 2001, pages 381--401, 2001.
 
9
L. Cavedon , J. W. Lloyd, A completeness theorem for SLDNF resolution, Journal of Logic Programming, v.7 n.3, p.177-191, Nov. 1989  [doi>10.1016/0743-1066(89)90020-4]
 
10
K. Clark. Negation as failure. In H. Gallaire and J. Minker, editors, Logic and Databases, pages 293--322. Plenum, 1978.
 
11
Dwaine Clarke , Jean-Emile Elien , Carl Ellison , Matt Fredette , Alexander Morcos , Ronald L. Rivest, Certificate chain discovery in SPKI?SDSI, Journal of Computer Security, v.9 n.4, p.285-322, January 2001
12
David Ferraiolo , Vijay Atluri, A meta model for access control: why is it needed and is it even possible to achieve?, Proceedings of the 13th ACM symposium on Access control models and technologies, June 11-13, 2008, Estes Park, CO, USA  [doi>10.1145/1377836.1377860]
13
David F. Ferraiolo , Ravi Sandhu , Serban Gavrila , D. Richard Kuhn , Ramaswamy Chandramouli, Proposed NIST standard for role-based access control, ACM Transactions on Information and System Security (TISSEC), v.4 n.3, p.224-274, August 2001  [doi>10.1145/501978.501980]
 
14
Samir Genaim , Michael Codish, Inferring Termination Conditions for Logic Programs Using Backwards Analysis, Proceedings of the Artificial Intelligence on Logic for Programming, p.685-694, December 03-07, 2001
15
Sushil Jajodia , Pierangela Samarati , Maria Luisa Sapino , V. S. Subrahmanian, Flexible support for multiple access control policies, ACM Transactions on Database Systems (TODS), v.26 n.2, p.214-260, June 2001  [doi>10.1145/383891.383894]
 
16
James B. D. Joshi , Elisa Bertino , Usman Latif , Arif Ghafoor, A Generalized Temporal Role-Based Access Control Model, IEEE Transactions on Knowledge and Data Engineering, v.17 n.1, p.4-23, January 2005  [doi>10.1109/TKDE.2005.1]
17
P. J. Landin, The next 700 programming languages, Communications of the ACM, v.9 n.3, p.157-166, March 1966  [doi>10.1145/365230.365257]
 
18
Ninghui Li , John C. Mitchell , William H. Winsborough, Design of a Role-Based Trust-Management Framework, Proceedings of the 2002 IEEE Symposium on Security and Privacy, p.114, May 12-15, 2002
 
19
Churn-Jung Liau, Belief, information acquisition, and trust in multi-agent systems: a modal logic formulation, Artificial Intelligence, v.149 n.1, p.31-60, September 2003  [doi>10.1016/S0004-3702(03)00063-8]
 
20
OASIS. eXtensible Access Control Markup language (XACML), 2003. http://www.oasis-open.org/xacml/docs/.
21
Ravi Sandhu , Qamar Munawer, How to do discretionary access control using roles, Proceedings of the third ACM workshop on Role-based access control, p.47-54, October 22-23, 1998, Fairfax, Virginia, United States  [doi>10.1145/286884.286893]
 
22
D. J. Weitzner, J. Hendler, T. Berners-Lee, and D. Connolly. Creating a policy-aware web: Discretionary, rule-based access for the world wide web. Web and Information Security, 2006.
 
23
The XSB System Version 2.7.1, Programmer's Manual, 2005.

CITED BY
Alexander Yip , Xi Wang , Nickolai Zeldovich , M. Frans Kaashoek, Improving application security with data flow assertions, Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles, October 11-14, 2009, Big Sky, Montana, USA

INDEX TERMS

Primary Classification:
  D. Software
  D.4 OPERATING SYSTEMS
      D.4.6 Security and Protection
          Subjects: Access controls


General Terms:
Security


Keywords:
access control models, access control policies

Collaborative Colleagues:
Steve Barker: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2010 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player