Access Control Coherence of Information Systems Based on Security Constraints
Security administration in an information system is a complex task. To be defined properly, the security policy requires the formulation of a large number of security constraints. Moreover, the information system used in an enterprise should be coherent, which means that all its elements, including the relations between them and their constraints, should possess this property.
The objective of this paper is to present the security constraints of a security schema in an information system based on the RBAC model, and the methods to assure the coherence of the global security schema. Starting from a coherent global security schema, any insertion of a new application should respect the global coherence of the new security schema that results from the fusion of these two schemas.
Keywords: Access Control, Common Element, Application Developer, Security Schema, Access Control Model