Organization based access control

Organization based access control

None of the classical access control models such as DAC, MAC, RBAC, TBAC or TMAC is fully satisfactory to model security policies that are not restricted to static permissions but also include contextual rules related to permissions, prohibitions, obligations and recommendations. This is typically t...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Kalam, A.A.E., Baida, R.E., Balbiani, P., Benferhat, S., Cuppens, F., Deswarte, Y., Miege, A., Saurel, C., Trouessin, G.
Format: Tagungsbericht
Sprache:eng
Schlagworte:
Access control
Computer Science
Conferences
Context modeling
Formal languages
Information security
Information systems
Lenses
Logic
Logic in Computer Science
Medical services
Permission
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:None of the classical access control models such as DAC, MAC, RBAC, TBAC or TMAC is fully satisfactory to model security policies that are not restricted to static permissions but also include contextual rules related to permissions, prohibitions, obligations and recommendations. This is typically the case of security policies that apply to the health care domain. We suggest a new model that provides solutions to specify such contextual security policies. This model, called organization based access control, is presented using a formal language based on first-order logic.
DOI:10.1109/POLICY.2003.1206966