Abstract
Although several access control policies can be devised for controlling access to information, all existing authorization models, and the corresponding enforcement mechanisms, are based on a specific policy (usually the closed policy). As a consequence, although different policy choices are possible in theory, in practice only a specific policy can actually be applied within a given system. In this paper, we present a unified framework that can enforce multiple access control policies within a single system. The framework is based on a language through which users can specify security policies to be enforced on specific accesses. The language allows the specification of both positive and negative authorizations and incorporates notions of authorization derivation, conflict resolution, and decision strategies. Different strategies may be applied to different users, groups, objects, or roles, based on the needs of the security policy. The overall result is a flexible and powerful, yet simple, framework that can easily capture many of the traditional access control policies as well as protection requirements that exist in real-world applications, but are seldom supported by existing systems. The major advantage of our approach is that it can be used to specify different access control policies that can all coexist in the same system and be enforced by the same security server.
Index Terms
- Flexible support for multiple access control policies