Abstract
Although several access control policies can be devised for controlling access to information, all existing authorization models, and the corresponding enforcement mechanisms, are based on a specific policy (usually the closed policy). As a consequence, although different policy choices are possible in theory, in practice only a specific policy can be actually applied within a given system. However, protection requirements within a system can vary dramatically, and no single policy may simultaneously satisfy them all.
In this paper we present a flexible authorization manager (FAM) that can enforce multiple access control policies within a single, unified system. FAM is based on a language through which users can specify authorizations and access control policies to be applied in controlling execution of specific actions on given objects. We formally define the language and properties required to hold on the security specifications and prove that this language can express all security specifications. Furthermore, we show that all programs expressed in this language (called FAM/CAM-programs) are also guaranteed to be consistent (i.e., no conflicting access decisions occur) and CAM-programs are complete (i.e., every access is either authorized or denied). We then illustrate how several well-known protection policies proposed in the literature can be expressed in the FAM/CAM language and how users can customize the access control by specifying their own policies. The result is an access control mechanism which is flexible, since different access control policies can all coexist in the same data system, and extensible, since it can be augmented with any new policy a specific application or user may require.
A unified framework for enforcing multiple access control policies
SIGMOD '97: Proceedings of the 1997 ACM SIGMOD international conference on Management of data