Title :
A BLP-Based Model for Hierarchical Orgnizations
Author :
Wang, Jue ; Zhou, Li ; Tan, Chengxiang
Author_Institution :
Sch. of Software, East China Jiaotong Univ., Nanchang, China
Abstract :
A model based on Bell-LaPadula model is proposed for access control in hierarchical organizations which have hierarchical units. These units include departments, staff and a new concept named post. In the model proposed by this paper, relationships among units in organization are built, and security tags can be assigned to subjects and objects simply. The interoperation among different departments is implemented through assigning multiple security tags to one post, and the more departments are closed on the organization tree, the more secret objects can be exchanged by the staff of the departments. The access control matrices of the department, post and staff are defined. By using the three access control matrices, a multi granularity and flexible discretionary access control policy is implemented. The outstanding merit of the BLP model is inherited, and the new model can guarantee that all the information flow is under control. Finally, the study shows that the proposed model is more flexible.
Keywords :
access control; authorisation; BLP based model; Bell-LaPadula model; access control matrices; department interoperation; flexible discretionary access control policy; hierarchical organisation; multigranularity access control policy; multiple security tags; organization tree; Access control; Application software; Computer science; Computer security; DH-HEMTs; Electronic mail; Information security; Tree data structures; BLP-based model; access control matrices; hierarchical organization; multiple security tag;
Conference_Titel :
Computer Science and Engineering, 2009. WCSE '09. Second International Workshop on
Conference_Location :
Qingdao
Print_ISBN :
978-0-7695-3881-5
DOI :
10.1109/WCSE.2009.709
