Title :
Safety analysis for the extended schematic protection model
Author :
Ammann, P.E. ; Sandhu, R.S.
Author_Institution :
George Mason Univ., Fairfax, VA, USA
Abstract :
It is argued that the access matrix model of M.H. Harrison, W.L. Ruzzo and J.D. Ullman (HRU) (1976) has extremely weak safety properties; safety analysis is undecidable for most policies of practical interest. An alternate formulation of the HRU model is presented that gives strong safety properties. This alternative formulation is called the extended schematic protection model (ESPM). ESPM is derived from the schematic protection model (SPM) by extending the creation operation to allow multiple parents for a child, as opposed to the conventional create operation of SPM, which has a single parent for a child. It is shown that, despite its equivalence to HRU, ESPM, retains a tractable safety analysis for a large class of protection schemes that are of practical interest
Keywords :
multi-access systems; safety; security of data; ESPM; HRU; SPM; access matrix model; child; extended schematic protection model; multiple parents; protection schemes; safety analysis; safety properties; tractable safety analysis; Access control; Information systems; Permission; Power engineering and energy; Power system modeling; Protection; Safety; Scanning probe microscopy; Software systems; Systems engineering and theory;
Conference_Titel :
Research in Security and Privacy, 1991. Proceedings., 1991 IEEE Computer Society Symposium on
Conference_Location :
Oakland, CA
Print_ISBN :
0-8186-2168-0
DOI :
10.1109/RISP.1991.130777
