Access control for large collections
Source: ACM Transactions on Information Systems (TOIS)
Volume 15, Issue 2 (April 1997)
Pages: 154-194
Year of Publication: 1997
ISSN: 1046-8188
Author: H. M. Gladney, IBM Almaden Research Center, San Jose, CA
Publisher: ACM, New York, NY, USA
DOI: http://doi.acm.org/10.1145/248625.248652

ABSTRACT

Efforts to place vast information resources at the fingertips of each individual in large user populations must be balanced by commensurate attention to information protection. For distributed systems with less-structured tasks, more-diversified information, and a heterogeneous user set, the computing system must administer enterprise-chosen access control policies. One kind of resource is a digital library that emulates massive collections of paper and other physical media for clerical, engineering, and cultural applications. This article considers the security requirements for such libraries and proposes an access control method that mimics organizational practice by combining a subject tree with ad hoc role granting that controls privileges for many operations independently, that treats (all but one) privileged roles (e.g., auditor, security officer) like every other individual authorization, and that binds access control information to objects indirectly for scaling, flexibility, and reflexive protection. We sketch a realization and show that it will perform well, generalizes many deployed proposed access control policies, and permits individual data centers to implement other models economically and without disruption.



REVIEW

Reviewer: Andrew Robert Huber

What sort of access control is appropriate for a digital library or other very large online collection of documents? The Document Access Control Method (DACM) is the answer proposed here. An implemented document storage subsystem c ...