MoFAC: A Model for Fine-grained Access Control
Access control in Information Technology (IT) systems, also known as authorization, is one of the cornerstones of any information security policy. The granularity of such access control can be on different levels, for example on volume (disc pack) level, database level, table level, and even on individual record (or tuple) and data field level. Although very fine-grained access control, for example on record level, is often required, most systems use access control on table level. The reason is that the management process becomes significantly easier and simpler the coarser the level of control becomes.
MoFAC presents a model in which access control is finer than table level, but where the increase in complexity and management stays within acceptable limits.
Keywords: Authorization, Access control, Distributed systems, Role-based security