Title :
One-representative safety analysis in the non-monotonic transform model
Author :
Ammann, Paul E. ; Sandhu, Ravi S.
Author_Institution :
Dept. of Inf. & Software Syst. Eng., George Mason Univ., Fairfax, VA, USA
Abstract :
We analyze the safety question for the Non-Monotonic Transform (NMT) model, an access control model that encompasses a wide variety of practical access control mechanisms. In general, safety analysis, i.e. whether it is possible for a specified subject to obtain a given access right for a certain object, is computationally intractable, even for many monotonic models. We identify one-representable NMT schemes and argue that they have tractable safety analysis. Safety analysis of one-representable schemes considers exactly one representative of each type of subject in the initial state, and thus the complexity of safety analysis is independent of the total number of subjects in the system. We demonstrate by example that one-representable schemes admit applications of practical interest, and that safety analysis guides the construction of such schemes
Keywords :
authorisation; data privacy; access control mechanisms; access control model; nonmonotonic transform model; one-representative safety analysis; safety analysis; Access control; Authorization; Information analysis; Information systems; Leg; National security; Permission; Software safety; Software systems; Systems engineering and theory;
Conference_Titel :
Computer Security Foundations Workshop VII, 1994. CSFW 7. Proceedings
Conference_Location :
Franconia, NH
Print_ISBN :
0-8186-6230-1
DOI :
10.1109/CSFW.1994.315940
