Access Control Policy Model for Implementing Network Based Authorization Framework

Author

Singh, Manpreet ; Patterh, Manjeet S.

Author_Institution

UCoE, Punjabi Univ., Patiala

fYear

2008

fDate

13-15 Oct. 2008

Firstpage

42

Lastpage

47

Abstract

One of the major threats that an enterprise information system networks are facing today is the internal threat. In this paper we develop a formal network access control model as per ISO/IEC security evaluation criteria - common criteria to provide a formal framework for implementing an Internal threat protection security solution in network computing environment. We used network interpretation of the security functional components of common criteria to model the access control framework. The paper concludes with a case study along with model verification.

Keywords

authorisation; information networks; ISO/IEC security evaluation criteria; access control policy model; enterprise information system networks; internal threat; model verification; network based authorization framework; Access control; Application software; Authorization; Computer networks; Computer science; IEC standards; ISO standards; Information security; Information systems; Protection; Access Control; Evaluation Criteria; Formal Methods; Security Policy;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Science and its Applications, 2008. CSA '08. International Symposium on

Conference_Location

Hobart, ACT

Print_ISBN

978-0-7695-3428-2

Type

conf

DOI

10.1109/CSA.2008.32

Filename

4654058