An access control model for simplifying constraint expression

J. E. Tidswell, Trent Ray Jaeger

Research output: Contribution to conferencePaperpeer-review

30 Scopus citations


Assurance that an access control configuration will not result in the leakage of a right to an unauthorized principal, called safety, is fundamental to ensuring that the most basic of access control policies can be enforced. Safety is achieved either through the use of limited models or the verification of safety via constraints. Currently, almost all critical safety requirements are enforced using limited models because constraint expression languages are far too complex for typical administrators to use properly. We propose a new approach to expressing constraints that has the following properties: (1) an access control policy is expressed using a graphical model in which the nodes represent sets (e.g., of subjects, objects, etc.) and the edges represent binary relationships on those sets and (2) constraints are expressed using a few, simple set operators on graph nodes. While it is possible to extend the semantics of the basic graph model in several ways, and we propose some we found useful, the basic result is that a wide variety of safety policies can be expressed with simple, binary constraints. We demonstrate this model using several examples ranging from safety expression for multilevel security models to separation of duty. Our hope is that this model can be a base for defining critical safety requirements for models that have more flexibility that traditional multilevel models.

Original languageEnglish (US)
Number of pages10
StatePublished - Dec 1 2000
Event7th ACM Conference on Computer Communications Security - Athens, Greece
Duration: Nov 1 2000Nov 4 2000


Other7th ACM Conference on Computer Communications Security

All Science Journal Classification (ASJC) codes

  • Software
  • Computer Networks and Communications


Dive into the research topics of 'An access control model for simplifying constraint expression'. Together they form a unique fingerprint.

Cite this