Identifiers
Title variants
Publication languages
Abstracts
The paper presents an application of an RT-family trust management language as a basis for an access control model. The discussion concerns a secure workstation running multiple virtual machines used to process sensitive information from multiple security domains, providing strict separation of the domains. The users may act in several different roles, with different access rights. The inference mechanisms of the language are used to translate credentials, which allow users to access different functional domains and assign virtual machines to these domains, into clear rules regulating the rights of a particular user to a particular machine, taking into account the different periods of validity of different credentials. The paper also describes a prototype implementation of the model.
Year
Volume
Pages
13–21
Physical description
Bibliography: 11 items, figures.
Authors
author
author
- Research and Academic Computer Network (NASK), Wąwozowa st 18, 02-796 Warszawa, Poland, krzysztof.lasota@nask.pl
Bibliography
- [1] A. Kozakiewicz, A. Felkner, J. Furtak, Z. Zieliński, M. Brudka, and M. Małowidzki, “Secure workstation for special applications”, in Secure and Trust Computing, Data Management, and Applications, C. Lee, J.-M. Seigneur, J. J. Park, R. R. Wagner, Eds., Communications in Computer and Information Science, vol. 187. Berlin: Springer, 2011, pp. 174–181.
- [2] N. Li, J. Mitchell, and W. Winsborough, “Design of a role-based trust-management framework”, in Proc. IEEE Symp. Secur. Priv., Oakland, CA, USA, 2002, pp. 114–130.
- [3] A. Felkner, “Modeling trust management in computer systems”, in Proc. IX Int PhD Worksh OWD 2007, Conf Archives PTETiS, Wisła, Poland, 2007, vol. 23, pp. 65–70.
- [4] D. Ferraiolo and D. Kuhn, “Role-based access control”, in Proc. 15th Nat. Comp. Secur. Conf., Baltimore, USA, 1992, pp. 554–563.
- [5] N. Li and J. Mitchell, “RT: A role-based trust-management framework”, in Proc. 3rd DARPA Inform. Survivability Conf. Exp., Washington, DC, USA, 2003, pp. 201–212.
- [6] N. Li, W. Winsborough, and J. Mitchell, “Distributed credential chain discovery in trust management”, J. Comput. Secur, vol. 1, pp. 35–86, 2003.
- [7] A. Felkner and K. Sacha, “Deriving RTT credentials for role based trust management”, e-Informatica Softw. Engin. J. (ISEJ), vol. 4, pp. 9–19, 2010.
- [8] A. Felkner and A. Kozakiewicz, “Time validity in role-based trust management inference system”, in Secure and Trust Computing, Data Management, and Applications, C. Lee, J.-M. Seigneur, J. J. Park, and R. R. Wagner, Eds., Communications in Computer and Information Science, vol. 187. Berlin: Springer, 2011, pp. 7–15.
- [9] A. Felkner and A. Kozakiewicz, “Czasowa ważność poświadczeń języka RTT+”, Studia Informatica, vol. 32, pp. 145–154, 2011 (in Polish).
- [10] D. D. Bell and L. J. La Padula, “Secure Computer System: Unified Exposition and Multics Interpretation”, ESDTR-75-306, Bedford, MA: ESD/AFSC, Hanscom AFB, 1974 [Online]. Available: http://csrc.nist.gov/publications/history/bell76.pdf
- [11] D. E. Bell, “Looking back at the Bell-La Padula model”, in Proc. 21st Ann. Comp. Secur. Appl. Conf. ACSAC 2005, Tucson, AZ, USA, 2005, pp. 337–351.
Document type
Bibliography
YADDA identifier
bwmeta1.element.baztech-article-BATA-0017-0002