Title :
Enforcing complex security policies for commercial applications
Author :
Kao, I-Lung ; Chow, Randy
Author_Institution :
Dept. of Comput. & Inf. Sci., Florida Univ., Gainesville, FL, USA
Abstract :
Commercial applications often require complex access control policies which are hardly enforced by mechanisms based on a multilevel security model due to the properties of a lattice. Nor can they be enforced by discretionary access control like the access control matrix described by Harrison, Ruzzo, and Ullman without extra constraints since their enforcement still demands some degree of mandatory control. Frequently-desired multilevel exceptions are systematically categorized and it is shown that many security policies required by commercial sectors are actually examples of these multilevel exceptions. A new access control model based on Boolean expressions of classified categories is developed to enforce these policies in a uniform and elegant way
Keywords :
Boolean functions; authorisation; exception handling; security of data; Boolean expressions; classified categories; commercial applications; commercial sectors; complex access control policies; complex security policy enforcement; multilevel security model; systematic frequently-desired multilevel exception categorization; Access control; Application software; Books; Computer security; Data security; Government; Information analysis; Information security; Lattices; Multilevel systems;
Conference_Titel :
Computer Software and Applications Conference, 1995. COMPSAC 95. Proceedings., Nineteenth Annual International
Conference_Location :
Dallas, TX
Print_ISBN :
0-8186-7119-X
DOI :
10.1109/CMPSAC.1995.524807
