DocumentCode :
2509674
Title :
Separation of duty in role-based environments
Author :
Simon, Richard T. ; Zurko, Mary Ellen
Author_Institution :
Open Group Res. Inst., Eleven Cambridge Center, MA, USA
fYear :
1997
fDate :
10-12 Jun 1997
Firstpage :
183
Lastpage :
194
Abstract :
The separation of duty is a principle that has a long history in computer security research. Many computing systems provide rudimentary support for this principle, but often the support is inconsistent with the way the principle is applied in non-computing environments. Furthermore, there appears to be no single accepted meaning of the term. We examine the ways in which separation of duty has been used, adding the notion of history-based separation of duty. We assess ways in which computing systems may support separation of duty. We discuss the mechanisms we are implementing to support separation of duty and roles in Adage, a general-purpose authorization language and toolkit
Keywords :
authorisation; security of data; Adage; authorization toolkit; computer security; general-purpose authorization language; history-based separation of duty; role-based environments; Access control; Accidents; Authorization; Computer security; Counting circuits; Data security; History; Information security; Protection; Robustness;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Computer Security Foundations Workshop, 1997. Proceedings., 10th
Conference_Location :
Rockport, MA
ISSN :
1063-6900
Print_ISBN :
0-8186-7990-5
Type :
conf
DOI :
10.1109/CSFW.1997.596811
Filename :
596811
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=2509674
بازگشت