Abstract
Lattices have been extensively used for implementing mandatory access control policies. Typically, only a small sublattice of the subset lattice of a certain alphabet is used in applications. We argue that attribute exploration from formal concept analysis is an appropriate tool for generating this sublattice in a semiautomatic fashion. We discuss how two access control models addressing different (in a sense, opposite) requirements can be incorporated within one model. In this regard, we propose two operations that combine contexts of the form (G, M, I) and (N, G, J). The resulting concept lattices provide most of the required structure.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Sandhu, R.: Lattice-based access control models. IEEE Computer 26, 9–19 (1993)
Denning, D.: A lattice model of secure information flow. Comm. ACM 19, 236–243 (1976)
Biba, K.: Integrity considerations for secure computer systems. Report TR-3153, Mitre Corporation, Bedford, Mass. (1977)
Gollmann, D.: Computer Security. John Wiley & Sons Ltd, Chichester (1999)
Bell, D., LaPadula, L.: Secure computer systems: Mathematical foundations and model. Report M74-244, Mitre Corporation, Bedford, Mass. (1975)
Ganter, B., Wille, R.: Formal Concept Analysis: Mathematical Foundations. Springer, Berlin (1999)
Lipner, S.: Nondiscretionary controls for commercial applications. In: Proc. IEEE Symp. Security and Privacy, pp. 2–10. IEEE CS Press, Los Alamitos (1982)
Smith, G.: The Modeling and Representation of Security Semantics for Database Applications. PhD thesis, George Mason Univ. Fairfax, Va. (1990)
Birkhoff, G.: Lattice Theory. Amer. Math. Soc. Coll. Publ. Providence, R.I. (1973)
Guigues, J.L., Duquenne, V.: Familles minimales d’implications informatives resultant d’un tableau de données binaires. Math. Sci. Humaines 95, 5–18 (1986)
Ganter, B.: Attribute exploration with background knowledge. Theoretical Computer Science 217, 215–233 (1999)
Ganter, B., Krausse, R.: Pseudo models and propositional horn inference. Technical Report MATH-AL-15-1999, Technische Universität Dresden, Germany (1999)
Ganter, B.: Two basic algorithms in concept analysis. Preprint Nr. 831, Technische Hochschule Darmstadt (1984)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Obiedkov, S., Kourie, D.G., Eloff, J.H.P. (2006). On Lattices in Access Control Models. In: Schärfe, H., Hitzler, P., Øhrstrøm, P. (eds) Conceptual Structures: Inspiration and Application. ICCS 2006. Lecture Notes in Computer Science(), vol 4068. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11787181_27
Download citation
DOI: https://doi.org/10.1007/11787181_27
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-35893-0
Online ISBN: 978-3-540-35902-9
eBook Packages: Computer ScienceComputer Science (R0)