Advertisement

The Complexity of Discretionary Access Control

  • Stephen Dranger
  • Robert H. Sloan
  • Jon A. Solworth
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4266)

Abstract

A recent paper presented an access control scheme for discretionary access controls with a decidable safety problem. This paper deals with the complexity analysis of that access control, and finds it to be, in its worst cases, PSPACE-complete, but polynomial time for practical cases. The PSPACE-hardness reduction uses the theory of succinct problems in a more general manner than circuit representation.

Keywords

Access Control Safety Problem Access Control Policy Access Control Model User Pair 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Brewer, D.F.C., Nash, M.J.: The Chinese Wall security policy. In: Proc. IEEE Symp. Security and Privacy, pp. 206–214 (1989)Google Scholar
  2. 2.
    Galperin, H., Wigderson, A.: Succinct representations of graphs. Information and Control 56, 183–198 (1983)MATHCrossRefMathSciNetGoogle Scholar
  3. 3.
    Harrison, M.A., Ruzzo, W.L., Ullman, J.D.: Protection in operating systems. Communications of the ACM (CACM) 19(8), 461–471 (1976)MATHCrossRefMathSciNetGoogle Scholar
  4. 4.
    Koch, M., Mancini, L.V., Parisi-Presicce, F.: Decidability of safety in graph-based models for access control. In: Gollmann, D., Karjoth, G., Waidner, M. (eds.) ESORICS 2002. LNCS, vol. 2502, pp. 229–243. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  5. 5.
    Koch, M., Mancini, L.V., Parisi-Presicce, F.: A graph-based formalism for RBAC. ACM Transactions on Information and System Security (TISSEC) 5(3), 332–365 (2002)CrossRefGoogle Scholar
  6. 6.
    Li, N., Tripunitara, M.V.: Security analysis in role-based access control. In: Proc. of ACM Symposium on Access Control Models and Technologies (SACMAT) (2004)Google Scholar
  7. 7.
    Lozano, A., Balcazár, J.L.: The complexity of graph problems for succinctly represented graphs. In: Ito, T., Halstead Jr., R.H. (eds.) US/Japan WS 1989. LNCS, vol. 441, pp. 277–285. Springer, Heidelberg (1990)Google Scholar
  8. 8.
    Osborn, S., Sandhu, R., Munawer, Q.: Configuring role-based access control to enforce mandatory and discretionary access control policies. ACM Transactions on Information and System Security (TISSEC) 3(2), 85–106 (2000)CrossRefGoogle Scholar
  9. 9.
    Sandhu, R.S.: The typed access matrix model. In: Proc. IEEE Symp. Security and Privacy, pp. 122–136 (1992)Google Scholar
  10. 10.
    Solworth, J.A., Sloan, R.H.: A layered design of discretionary access controls with decidable properties. In: Proc. IEEE Symp. Security and Privacy, pp. 56–67 (2004)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Stephen Dranger
    • 1
  • Robert H. Sloan
    • 1
  • Jon A. Solworth
    • 1
  1. 1.Dept. of Computer ScienceUniversity of Illinois at Chicago 

Personalised recommendations