ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Panel: The next generation of acess control models (panel session): do we need them and what should they be?
Full text PdfPdf (61 KB)
Source ACM Workshop on Role Based Access Control archive
Proceedings of the sixth ACM symposium on Access control models and technologies table of contents
Chantilly, Virginia, United States
Page: 53  
Year of Publication: 2001
ISBN:1-58113-350-2
Authors
Ravi Sandhu  Moderator
Elisa Bertino  Panelist
Jaeger Jaeger  Panelist
Richard Kuhn  Panelist
Carl Landwehr  Panelist
Sponsor
SIGSAC: ACM Special Interest Group on Security, Audit, and Control
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 1,   Downloads (12 Months): 25,   Citation Count: 0
Additional Information:

abstract   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/373256.373262
What is a DOI?

ABSTRACT

Research on access control models was started in the 1960s and 1970s by the two thrusts of mandatory and discretionary access control. Mandatory access control (MAC) came from the military and national security arenas whereas discretionary access control (DAC) had its roots in academic and commercial research laboratories. These two thrusts were dominant through the 1970s and 1980s almost to exclusion of any other approach to access control models. In the 1990s we have seen a dramatic shift towards pragmatism. The dominant access-control model of the 1990s is role-based access control (RBAC). It is now understood that RBAC encompasses MAC and DAC as special cases and goes beyond them in providing a policy-neutral framework. This SACMAT meeting has evolved from a highly successful and productive series of ACM workshops on RBAC. This panel will address the basic question of where do we go next with access control models. Do we need additional models or can we simply evolve the current set of RBAC models? Is RBAC fundamentally deficient in some way? Where should be go in terms of standards? Is there useful formal and theoretical work to be done in the access control models arena? The first meeting with the title SACMAT is a fitting place to address these questions.


INDEX TERMS

Primary Classification:
  D. Software
  D.4 OPERATING SYSTEMS
      D.4.6 Security and Protection
          Subjects: Access controls

Additional Classification:
  I. Computing Methodologies
  I.2 ARTIFICIAL INTELLIGENCE
      I.2.8 Problem Solving, Control Methods, and Search
          Subjects: Control theory

  K. Computing Milieux
  K.6 MANAGEMENT OF COMPUTING AND INFORMATION SYSTEMS


General Terms:
Design, Management, Performance, Theory

Collaborative Colleagues:
Ravi Sandhu: colleagues
Elisa Bertino: colleagues
Jaeger Jaeger: colleagues
Richard Kuhn: colleagues
Carl Landwehr: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player