Modeling mandatory access control in role-based security systems
This paper discusses the realization of mandatory access control in role-based protection systems. Starting from the basic definitions of roles, their application in security and the basics of the concept of mandatory access control, we develop a scheme of role-based protection that realizes mandatory access control. The basis of this formulation develops from the recognition that roles can be seen as facilitating access to some given information context. By handling each of the role contexts as independent security levels of information, we simulate mandatory access by imposing the requirements of mandatory access control. Among the key considerations, we propose a means of taming Trojan horses by imposing acyclic information flow among contexts in role-based protection systems. The acyclic information flows and suitable access rules incorporate secrecy which is an essential component of mandatory access control.
- Publication Date:
- OSTI Identifier:
- Report Number(s):
- Resource Type:
- Resource Relation:
- Conference: 9. annual working conference on database security: status and prospects, Rensselaer, NY (United States), 13-15 Aug 1995; Other Information: PBD: 1996; Related Information: Is Part Of Database security IX: Status and prospects; Spooner, D.L.; Demurjian, S.A.; Dobson, J.E. [eds.]; PB: 415 p.
- Chapman & Hall, New York, NY (United States)
- Country of Publication:
- United States
- 99 MATHEMATICS, COMPUTERS, INFORMATION SCIENCE, MANAGEMENT, LAW, MISCELLANEOUS; INFORMATION SYSTEMS; SECURITY; DATA BASE MANAGEMENT; PROPRIETARY INFORMATION; SECRECY PROTECTION