A Generalized Policy Support System and Its Hierarchy Semantics

Yibing Kong, Janusz R. Getta, Ping Yu, Jennifer Seberry

Abstract

One common characteristic of many Policy Support Systems (P S S s) is their dependency on the concept of hierarchy. Hierarchy does not need to be limited to a hierarchy of roles (subject centric) as in traditional Role-Based Access Control (RBAC). Instead, it can be applied to other aspects of P S S such as object, environment, purpose and so on. In this paper, we propose a new generalized model for P S S . The model unifies Generalized Role-Based Access Control (GRBAC) and Enterprise Privacy Practices (E-P3P) policy support systems and generalizes their hierarchy semantics.

References

  1. Moyer, M.J., Ahamad, M.: Generalized role-based access control. In: Proceedings of 21st International Conference on Distributed Computing Systems. (2001) 391-398
  2. Ashley, P., Hada, S., Karjoth, G., Schunter, M.: E-P3P privacy policies and privacy authorization. In: Proceeding of the ACM workshop on Privacy in the Electronic Society, ACM Press (2002) 103-109
  3. Ferraiolo, D.F., Sandhu, R., Gavrila, S., Kuhn, D.R., Chandramouli, R.: Proposed NIST standard for role-based access control. ACM Transactions on Information and System Security (TISSEC) 4 (2001) 224-274
  4. Moffett, J.D.: Control principles and role hierarchies. In: Proceedings of the third ACM workshop on Role-based access control, ACM Press (1998) 63-69
  5. Sandhu, R.: Role activation hierarchies. In: Proceedings of the third ACM workshop on Role-based access control, ACM Press (1998) 33-40
  6. Joshi, J.B.D., Bertino, E., Ghafoor, A.: Hybrid role hierarchy for generalized temporal role based access control model. In: Proceedings of 26th Annual International Computer Software and Applications Conference. (2002) 951-956
  7. Moffett, J.D., Lupu, E.C.: The uses of role hierarchies in access control. In: Proceedings of the fourth ACM workshop on Role-based access control, ACM Press (1999) 153-160
  8. Jajodia, S., Samarati, P., Sapino, M.L., Subrahmanian, V.S.: Flexible support for multiple access control policies. ACM Transactions on Database Systems (TODS) 26 (2001) 214-260
Download


Paper Citation


in Harvard Style

Kong Y., R. Getta J., Yu P. and Seberry J. (2004). A Generalized Policy Support System and Its Hierarchy Semantics . In Proceedings of the 2nd International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2004) ISBN 972-8865-07-4, pages 136-145. DOI: 10.5220/0002667301360145


in Bibtex Style

@conference{wosis04,
author={Yibing Kong and Janusz R. Getta and Ping Yu and Jennifer Seberry},
title={A Generalized Policy Support System and Its Hierarchy Semantics},
booktitle={Proceedings of the 2nd International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2004)},
year={2004},
pages={136-145},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002667301360145},
isbn={972-8865-07-4},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 2nd International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2004)
TI - A Generalized Policy Support System and Its Hierarchy Semantics
SN - 972-8865-07-4
AU - Kong Y.
AU - R. Getta J.
AU - Yu P.
AU - Seberry J.
PY - 2004
SP - 136
EP - 145
DO - 10.5220/0002667301360145