Skip to main content
SpringerLink
Log in
Book cover

Australasian Conference on Information Security and Privacy

ACISP 1996: Information Security and Privacy pp 207–218Cite as

Support for joint action based security policies

  • Session 6: Access Control
  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 1172))

Abstract

Authorization policy requirements in commercial applications are often richer compared to military applications in terms of the types of privileges required, and more complex in terms of both the nature and degree of interactions between participating objects. Delegation and joint action mechanisms allow a more flexible and dynamic form of access control, thereby enabling the representation of sophisticated authorization policies. This paper explores some issues that need to be addressed when designing joint actions based authorization policies, and their ramifications for trust of various components in the architecture. We consider an example from the medical field, and define attributes relevant to the design of joint action schemes and present three schemes for supporting joint action based authorization policies.

This is a preview of subscription content, log in via an institution.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Dept. of Defense, Trusted Computer Evaluation Criteria, DoD 5200.28-STD, Dec., 1985

    Google Scholar 

  2. ANSAware 3.0 Reference and Implementation manual, Document RM.097.00, APM Ltd. Cambridge, U.K.

    Google Scholar 

  3. Gasser, M. and McDermott, E.: An Architecture for a Practical Delegation in a Distributed System. IEEE Symposium on Research in Security and Privacy, Oakland (1990)

    Google Scholar 

  4. Varadharajan, V., Allen P., Black, S.: Analysis of Proxy Problem in Distributed Systems. IEEE Symposium on Research in Security and Privacy, Oakland (1991)

    Google Scholar 

  5. Ting, T. C.: Application Information Security Semantics: A Case of Mental Health Delivery. Database Security III: Status and Prospects Eds. D.L.Spooner and C.Landwehr, Elsevier.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Distributed System and Network Security Research Group, Department of Computing, University of Western Sydney, 2747, Nepean, Kingswood, NSW, Australia

    Vijay Varadharajan

  2. JP Morgan, UK

    Phillip Allen

Authors
  1. Vijay Varadharajan
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Phillip Allen
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Josef Pieprzyk Jennifer Seberry

Rights and permissions

Reprints and permissions

Copyright information

© 1996 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Varadharajan, V., Allen, P. (1996). Support for joint action based security policies. In: Pieprzyk, J., Seberry, J. (eds) Information Security and Privacy. ACISP 1996. Lecture Notes in Computer Science, vol 1172. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0023300

Download citation

  • DOI: https://doi.org/10.1007/BFb0023300

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-61991-8

  • Online ISBN: 978-3-540-49583-3

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation