The current scheme of access control judges the legality of each access based on immediate information without considering associate information hidden in a series of accesses. Due to the deficiency, access control systems do not efficiently limit attacks consist of ordinary operations. For trusted operating system developments, we extended RBAC and added negative procedural constraints to refuse those attacks. With the procedural constraints, the access control of trusted operating systems can discriminate attack trials from normal behaviors. This paper shows the specification of the extended concept and model, and presents simple analysis results.
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Copy
Wook SHIN, Jong-Youl PARK, Dong-Ik LEE, "Extended Role Based Access Control with Procedural Constraints for Trusted Operating Systems" in IEICE TRANSACTIONS on Information,
vol. E88-D, no. 3, pp. 619-627, March 2005, doi: 10.1093/ietisy/e88-d.3.619.
Abstract: The current scheme of access control judges the legality of each access based on immediate information without considering associate information hidden in a series of accesses. Due to the deficiency, access control systems do not efficiently limit attacks consist of ordinary operations. For trusted operating system developments, we extended RBAC and added negative procedural constraints to refuse those attacks. With the procedural constraints, the access control of trusted operating systems can discriminate attack trials from normal behaviors. This paper shows the specification of the extended concept and model, and presents simple analysis results.
URL: https://global.ieice.org/en_transactions/information/10.1093/ietisy/e88-d.3.619/_p
Copy
@ARTICLE{e88-d_3_619,
author={Wook SHIN, Jong-Youl PARK, Dong-Ik LEE, },
journal={IEICE TRANSACTIONS on Information},
title={Extended Role Based Access Control with Procedural Constraints for Trusted Operating Systems},
year={2005},
volume={E88-D},
number={3},
pages={619-627},
abstract={The current scheme of access control judges the legality of each access based on immediate information without considering associate information hidden in a series of accesses. Due to the deficiency, access control systems do not efficiently limit attacks consist of ordinary operations. For trusted operating system developments, we extended RBAC and added negative procedural constraints to refuse those attacks. With the procedural constraints, the access control of trusted operating systems can discriminate attack trials from normal behaviors. This paper shows the specification of the extended concept and model, and presents simple analysis results.},
keywords={},
doi={10.1093/ietisy/e88-d.3.619},
ISSN={},
month={March},}
Copy
TY - JOUR
TI - Extended Role Based Access Control with Procedural Constraints for Trusted Operating Systems
T2 - IEICE TRANSACTIONS on Information
SP - 619
EP - 627
AU - Wook SHIN
AU - Jong-Youl PARK
AU - Dong-Ik LEE
PY - 2005
DO - 10.1093/ietisy/e88-d.3.619
JO - IEICE TRANSACTIONS on Information
SN -
VL - E88-D
IS - 3
JA - IEICE TRANSACTIONS on Information
Y1 - March 2005
AB - The current scheme of access control judges the legality of each access based on immediate information without considering associate information hidden in a series of accesses. Due to the deficiency, access control systems do not efficiently limit attacks consist of ordinary operations. For trusted operating system developments, we extended RBAC and added negative procedural constraints to refuse those attacks. With the procedural constraints, the access control of trusted operating systems can discriminate attack trials from normal behaviors. This paper shows the specification of the extended concept and model, and presents simple analysis results.
ER -