The application of security policy to role-based access control and the common data security architecture

Cited by: 25
Authors
Lin, A [1]
Brown, R [1]
Affiliations
[1] Hewlett Packard Labs, Bristol BS34 8QZ, Avon, England
Keywords
authorization; role-based access control; security policy; trust management; security architecture
DOI
10.1016/S0140-3664(00)00244-9
Chinese Library Classification number
TP [Automation technology, computer technology]
Discipline classification code
0812
Abstract
In this paper, the approaches to introducing security policy into Role-Based Access Control (RBAC) and the Common Data Security Architecture (CDSA) are proposed. We apply security policy to a role's privileges in RBAC. An extended RBAC using PKI and role-assignment policy is described. The improved CDSA supports user-definable trust policy enforcement using trust policy description files. A policy-based CDSA is also presented. Furthermore, a role definition language is given, and a policy representation language is discussed. (C) 2000 Elsevier Science B.V. All rights reserved.
Pages: 1584-1593
Page count: 10