Title :
Organization based access control
Author :
Kalam, A.A.E. ; Baida, R.E. ; Balbiani, Philippe ; Benferhat, Salem ; Cuppens, Frédéric ; Deswarte, Yves ; Miège, Alexandre ; Saurel, Claire ; Trouessin, Gilles
Author_Institution :
Lab. d´´Analyse et d´´Archit. des Syst., CNRS, Toulouse, France
Abstract :
None of the classical access control models such as DAC, MAC, RBAC, TBAC or TMAC is fully satisfactory to model security policies that are not restricted to static permissions but also include contextual rules related to permissions, prohibitions, obligations and recommendations. This is typically the case of security policies that apply to the health care domain. We suggest a new model that provides solutions to specify such contextual security policies. This model, called organization based access control, is presented using a formal language based on first-order logic.
Keywords :
authorisation; formal languages; formal logic; contextual security policy; first order logic; formal language; health care; organization based access control; Access control; Conferences; Context modeling; Formal languages; Information security; Information systems; Lenses; Logic; Medical services; Permission;
Conference_Titel :
Policies for Distributed Systems and Networks, 2003. Proceedings. POLICY 2003. IEEE 4th International Workshop on
Print_ISBN :
0-7695-1933-4
DOI :
10.1109/POLICY.2003.1206966
