### Abstract

Assurance that an access control configuration will not result in the leakage of a right to an unauthorized principal, called safety, is fundamental to ensuring that the most basic of access control policies can be enforced. Safety is achieved either through the use of limited models or the verification of safety via constraints. Currently, almost all critical safety requirements are enforced using limited models because constraint expression languages are far too complex for typical administrators to use properly. We propose a new approach to expressing constraints that has the following properties: (1) an access control policy is expressed using a graphical model in which the nodes represent sets (e.g., of subjects, objects, etc.) and the edges represent binary relationships on those sets and (2) constraints are expressed using a few, simple set operators on graph nodes. While it is possible to extend the semantics of the basic graph model in several ways, and we propose some we found useful, the basic result is that a wide variety of safety policies can be expressed with simple, binary constraints. We demonstrate this model using several examples ranging from safety expression for multilevel security models to separation of duty. Our hope is that this model can be a base for defining critical safety requirements for models that have more flexibility than traditional multilevel models.

Original language | English (US) |
---|---|
Pages | 154-163 |
Number of pages | 10 |
State | Published - Dec 1 2000 |
Event | 7th ACM Conference on Computer Communications Security - Athens, Greece; Duration: Nov 1 2000 → Nov 4 2000 |

### Other

Other | 7th ACM Conference on Computer Communications Security |
---|---|
Country | Greece |
City | Athens |
Period | 11/1/00 → 11/4/00 |

### All Science Journal Classification (ASJC) codes

- Software
- Computer Networks and Communications

### Cite this

*An access control model for simplifying constraint expression*. 154-163. Paper presented at 7th ACM Conference on Computer Communications Security, Athens, Greece.

**An access control model for simplifying constraint expression.** / Tidswell, J. E.; Jaeger, Trent Ray.

Research output: Contribution to conference › Paper

TY - CONF

T1 - An access control model for simplifying constraint expression

AU - Tidswell, J. E.

AU - Jaeger, Trent Ray

PY - 2000/12/1

Y1 - 2000/12/1

UR - http://www.scopus.com/inward/record.url?scp=0034447078&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=0034447078&partnerID=8YFLogxK

M3 - Paper

SP - 154

EP - 163

ER -