
Title: Modeling mandatory access control in role-based security systems

This paper discusses the realization of mandatory access control in role-based protection systems. Starting from the basic definitions of roles, their application in security and the basics of the concept of mandatory access control, we develop a scheme of role-based protection that realizes mandatory access control. The basis of this formulation develops from the recognition that roles can be seen as facilitating access to some given information context. By handling each of the role contexts as independent security levels of information, we simulate mandatory access by imposing the requirements of mandatory access control. Among the key considerations, we propose a means of taming Trojan horses by imposing acyclic information flow among contexts in role-based protection systems. The acyclic information flows and suitable access rules incorporate secrecy, which is an essential component of mandatory access control.
Authors:
;  [1]
  1. Univ. of Western Ontario, London (Canada)
Publication Date:
OSTI Identifier:
457830
Report Number(s):
CONF-9508233--
TRN: 96:005796-0002
Resource Type:
Conference
Resource Relation:
Conference: 9. annual working conference on database security: status and prospects, Rensselaer, NY (United States), 13-15 Aug 1995; Other Information: PBD: 1996; Related Information: Is Part Of Database security IX: Status and prospects; Spooner, D.L.; Demurjian, S.A.; Dobson, J.E. [eds.]; PB: 415 p.
Publisher:
Chapman & Hall, New York, NY (United States)
Country of Publication:
United States
Language:
English
Subject:
99 MATHEMATICS, COMPUTERS, INFORMATION SCIENCE, MANAGEMENT, LAW, MISCELLANEOUS; INFORMATION SYSTEMS; SECURITY; DATA BASE MANAGEMENT; PROPRIETARY INFORMATION; SECRECY PROTECTION