Enforcing complex security policies for commercial applications

Author

Kao, I-Lung ; Chow, Randy

Author_Institution

Dept. of Comput. & Inf. Sci., Florida Univ., Gainesville, FL, USA

fYear

1995

fDate

9-11 Aug 1995

Firstpage

402

Lastpage

408

Abstract

Commercial applications often require complex access control policies which are hardly enforced by mechanisms based on a multilevel security model due to the properties of a lattice. Nor can they be enforced by discretionary access control like the access control matrix described by Harrison, Ruzzo, and Ullman without extra constraints since their enforcement still demands some degree of mandatory control. Frequently-desired multilevel exceptions are systematically categorized and it is shown that many security policies required by commercial sectors are actually examples of these multilevel exceptions. A new access control model based on Boolean expressions of classified categories is developed to enforce these policies in a uniform and elegant way

Keywords

Boolean functions; authorisation; exception handling; security of data; Boolean expressions; classified categories; commercial applications; commercial sectors; complex access control policies; complex security policy enforcement; multilevel security model; systematic frequently-desired multilevel exception categorization; Access control; Application software; Books; Computer security; Data security; Government; Information analysis; Information security; Lattices; Multilevel systems;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Software and Applications Conference, 1995. COMPSAC 95. Proceedings., Nineteenth Annual International

Conference_Location

Dallas, TX

ISSN

0730-3157

Print_ISBN

0-8186-7119-X

Type

conf

DOI

10.1109/CMPSAC.1995.524807

Filename

524807