Definitions
An administrative policy defines who can grant and revoke authorizations (or prohibitions) to access resources.
Background
An access control service controls every access to a system and its resources to ensure that all and only authorized accesses can take place. To this purpose, access control is based on access rules defining which accesses are (or are not) to be allowed. An administrative policy is therefore needed to regulate the specification of such rules, that is, to define who can add, delete, or modify them. Administrative policies are one of the most important, though less understood, aspect in access control. Indeed, they have usually received little consideration, and, while it is true that a simple administrative policy would suffice for many applications, it is also true that new applications (and organizational environments) would benefit from the enrichment of administrative policies. For instance, there are increasing concerns related to the protection of...
References
Samarati P, De Capitani di Vimercati S (2001) Access control: policies, models, and mechanisms. In: Focardi R, Gorrieri R (eds) Foundations of security analysis and design, volume 2171 of LNCS. Springer, Berlin
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Section Editor information
Rights and permissions
Copyright information
© 2021 Springer Science+Business Media LLC
About this entry
Cite this entry
De Capitani di Vimercati, S., Samarati, P. (2021). Administrative Policies. In: Jajodia, S., Samarati, P., Yung, M. (eds) Encyclopedia of Cryptography, Security and Privacy. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-27739-9_808-2
Download citation
DOI: https://doi.org/10.1007/978-3-642-27739-9_808-2
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-27739-9
Online ISBN: 978-3-642-27739-9
eBook Packages: Springer Reference Computer SciencesReference Module Computer Science and Engineering