Role based access control on MLS systems without kernel changes

@inproceedings{Kuhn1998RoleBA,
  title={Role based access control on MLS systems without kernel changes},
  author={D. R. Kuhn},
  booktitle={RBAC '98},
  year={1998}
}
  • D. R. Kuhn
  • Published in RBAC '98 1998
  • Computer Science
Role based access control (RBAC) is attracting increasing attention as a security mechanism for both commercial and many military systems. This paper shows how RBAC can be implemented using the mechanisms available on traditional multi-level security systems that implement information flow policies. The construction from MLS to RBAC systems is significant because it shows that the enormous investment in MLS systems can be leveraged to produce RBAC systems. The method requires no changes to the… Expand
Cryptographic Roles in the Age of Wikileaks: Implementation Models for Cryptographically Enforced RBAC
  • M. Kiviharju
  • Computer Science
  • MILCOM 2013 - 2013 IEEE Military Communications Conference
  • 2013
TLDR
It is shown that it is feasible to implement at least the Core RBAC with standard XACML architecture and ABE models, and that the expressiveness of the ABE-schemes can reach nearly all the way in terms of symmetric RBAC commands and functions, such as Dynamic Separation of Duty. Expand
An Integrated Model for Access Control and Information Flow Requirements
TLDR
DTE model is formalized in order to use it as a solution for a flexible information flow control and is integrated into an unique access control model expressive enough to handle access and flow control security rules. Expand
Policy Machine: Features, Architecture, and Specification
The ability to control access to sensitive data in accordance with policy is perhaps the most fundamental security requirement. Despite over four decades of security research, the limited ability forExpand
Token and Session Compatibility in Role Based Access Control with Privileges Management
TLDR
The Token security system framework proposed in this paper reduces the gap between Session management and Token, and further improves the older models which are not agile enough to handle the granularity of the user roles provided. Expand
An Introduction to Role-Based Access Control
  • I. Clark
  • Business, Computer Science
  • Information Security Management Handbook, 6th ed.
  • 2007
TLDR
Today's large organization’s information technology infrastructure is a mix of complex incompatible operating systems, applications, and databases spread over a large geographical area that creates an enormous administrative overhead, with each group of administrators often implementing their own policies and procedure. Expand
Proposed NIST standard for role-based access control
TLDR
Although RBAC continues to evolve as users, researchers, and vendors gain experience with its application, the features and components proposed in this standard represent a fundamental and stable set of mechanisms that may be enhanced by developers in further meeting the needs of their customers. Expand
Building hybrid access control by configuring RBAC and MAC features
TLDR
The formal definition of partial inheritance and composition methods in the presented approach enables precisely specifying access control features and feature configuration, which paves the way for systematic development of a hybrid access control model in an early development phase. Expand
A Feature-Based Modeling Approach for Building Hybrid Access Control Systems
TLDR
This work presents a feature-based modeling approach for developing hybrid access control systems that enables systematic development of hybrid systems of RBAC and MAC and reduces development complexity and errors through need-based configuration of features in early development phases. Expand
Reflection on Building Hybrid Access Control by Configuring RBAC and MAC Features
  • Dae-Kyoo Kim, Hua Ming, Lunjin Lu
  • Computer Science
  • 2020 IEEE 27th International Conference on Software Analysis, Evolution and Reengineering (SANER)
  • 2020
TLDR
An ongoing effort for a new approach is described to address the weaknesses of the publication with expected impact and its position in the current state of the arts since the publication is discussed. Expand
On permissions, inheritance and role hierarchies
TLDR
A role-based access control model is introduced that contains a novel approach to permission inheritance and it is illustrated how this model can be used to derive a role- based model with multi-level secure properties. Expand
...
1
2
3
...

References

SHOWING 1-10 OF 20 REFERENCES
RBAC emulation on trusted DG/UX
TLDR
This paper discusses three candidate mechanisms that are available in DG/UX@ B2 Security Option, a high security commercial off-the-shelfoperating system. Expand
Modeling Mandatory Access Control in Role-Based Security Systems
TLDR
A means of taming Trojan horses by imposing acyclic information flow among contexts in role-based protection systems that incorporates secrecy which is an essential component of mandatory access control is proposed. Expand
Role-Based Access Control Models
TLDR
Why RBAC is receiving renewed attention as a method of security administration and review is explained, a framework of four reference models developed to better understandRBAC is described, and the use of RBAC to manage itself is discussed. Expand
Mandatory access control and role-based access control revisited
TLDR
It is shown that the combinai,ion of the structure imposed by the role graphs and the MAC rules means that the possible structure of a role graph in which roles are assignable to subjects without violating MAC rules is greatly restricted. Expand
Naming and grouping privileges to simplify security management in large databases
  • R. Baldwin
  • Computer Science
  • Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy
  • 1990
TLDR
The main conclusion is that the naming and abstraction mechanism provided by NPDs can simplify security management in much the same way that procedures can simplify programming. Expand
Role Hierarchies and Constraints for Lattice-Based Access Controls
TLDR
This paper formally show that lattice-based mandatory access controls can be enforced by appropriate configuration of RBAC components and constructions demonstrate that role hierarchies and constraints are required to effectively achieve this result. Expand
Security in computing
TLDR
This book describes the security pitfalls inherent in many important computing tasks today and points out where existing controls are inadequate and serious consideration must be given to the risk present in the computing situation. Expand
Building a Secure Computer System
TLDR
This paper aims to clarify the role of encryption in the development of knowledge representation and provides some examples of how the model has changed over time from simple to complex to understandable. Expand
Editors
  • Brain Research Bulletin
  • 1986
This specification defines the Document Object Model Level 2 HTML, a platformand language-neutral interface that allows programs and scripts to dynamically access and update the content and structureExpand
Secure Computer Systems: Mathematical Foundations
TLDR
The first results of an investigation into solutions to problems of security in computer systems are reported, establishing the basis for rigorous investigation by providing a general descriptive model of a computer system. Expand
...
1
2
...