On Lattices in Access Control Models
Lattices have been extensively used for implementing mandatory access control policies. Typically, only a small sublattice of the subset lattice of a certain alphabet is used in applications. We argue that attribute exploration from formal concept analysis is an appropriate tool for generating this sublattice in a semiautomatic fashion. We discuss how two access control models addressing different (in a sense, opposite) requirements can be incorporated within one model. In this regard, we propose two operations that combine contexts of the form (G, M, I) and (N, G, J). The resulting concept lattices provide most of the required structure.
KeywordsSecurity Level Concept Lattice Access Control Policy Formal Context Formal Concept Analysis
Unable to display preview. Download preview PDF.
- 1.Sandhu, R.: Lattice-based access control models. IEEE Computer 26, 9–19 (1993)Google Scholar
- 3.Biba, K.: Integrity considerations for secure computer systems. Report TR-3153, Mitre Corporation, Bedford, Mass. (1977)Google Scholar
- 4.Gollmann, D.: Computer Security. John Wiley & Sons Ltd, Chichester (1999)Google Scholar
- 5.Bell, D., LaPadula, L.: Secure computer systems: Mathematical foundations and model. Report M74-244, Mitre Corporation, Bedford, Mass. (1975)Google Scholar
- 7.Lipner, S.: Nondiscretionary controls for commercial applications. In: Proc. IEEE Symp. Security and Privacy, pp. 2–10. IEEE CS Press, Los Alamitos (1982)Google Scholar
- 8.Smith, G.: The Modeling and Representation of Security Semantics for Database Applications. PhD thesis, George Mason Univ. Fairfax, Va. (1990)Google Scholar
- 9.Birkhoff, G.: Lattice Theory. Amer. Math. Soc. Coll. Publ. Providence, R.I. (1973)Google Scholar
- 12.Ganter, B., Krausse, R.: Pseudo models and propositional horn inference. Technical Report MATH-AL-15-1999, Technische Universität Dresden, Germany (1999)Google Scholar
- 13.Ganter, B.: Two basic algorithms in concept analysis. Preprint Nr. 831, Technische Hochschule Darmstadt (1984)Google Scholar