Skip to main content
SpringerLink
Log in

Safety Problems in Access Control with Temporal Constraints

  • Conference paper
Computer Network Security (MMM-ACNS 2005)

Part of the book series: Lecture Notes in Computer Science ((LNCCN,volume 3685))

  • 848 Accesses

Abstract

Most of access control mechanisms use the matrix model to represent protection states of computer systems. We present a variant of the access control matrix model obtained by incorporating temporal constraints saying that “subject s has right r on object o since at least duration d”. In connection with this enriched model, we also discuss the decidable and undecidable cases of one of the major themes of computer security, namely the classical safety problem for access control matrices.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Bertino, E., Bonatti, P., Ferrari, E.: TRBAC: a temporal role-based access control model. ACM Transactions on Information and System Security 4, 65–104 (2001)

    Google Scholar 

  2. Bishop, M.: Computer Security: Art and Science. Addison-Wesley, Reading (2003)

    Google Scholar 

  3. Ferraiolo, D., Barkley, J., Kuhn, D.: A role-based access control model and reference implementation within a corporate intranet. ACM Transactions on Information And System Security 2, 34–64 (1999)

    Article  Google Scholar 

  4. Ferraiolo, D., Kuhn, D., Chandramouli, R.: Role-Based Access Control. Artech House (2003)

    Google Scholar 

  5. Ferraiolo, D., Sandhu, R., Gavrila, S., Kuhn, D., Chandramouli, R.: Proposed NIST standard for role-based access control. ACM Transactions on Information And System Security 4, 224–274 (2001)

    Article  Google Scholar 

  6. Gal, A., Atluri, V.: An authorization model for temporal data. In: Proceedings of the 7th ACM conference on Computer and Communications Security, pp. 144–153. ACM Press, New York (2000)

    Chapter  Google Scholar 

  7. Harrison, M., Ruzzo, W.: Monotonic protection systems. In: Foundations of Secure Computation, pp. 337–363. Academic Press, London (1978)

    Google Scholar 

  8. Harrison, M., Ruzzo, W., Ullman, J.: Protection in operating systems. Communications of the ACM 19, 461–471 (1976)

    Article  MATH  MathSciNet  Google Scholar 

  9. Lampson, B.: Protection. Operating Systems Review 8, 18–24 (1974)

    Article  Google Scholar 

  10. Miller, D., Baldwin, R.: Access control by Boolean expression evaluation. In: Fifth Annual Computer Security Conference, pp. 131–139. IEEE Computer Society Press, Los Alamitos (1990)

    Google Scholar 

  11. Sandhu, R.: The typed access matrix model. In: 1992 IEEE Computer Society Symposium on Research in Security and Privacy, pp. 122–136. IEEE Computer Society Press, Los Alamitos (1992)

    Chapter  Google Scholar 

  12. Sandhu, R., Coyne, E., Feinstein, H., Youman, C.: Role-based access control models. Computer 29, 38–47 (1996)

    Article  Google Scholar 

  13. Sandhu, R., Ganta, S.: On testing for absence of rights in access control models. In: The Computer Security Foundations Workshop VI, pp. 109–118. IEEE Computer Society Press, Los Alamitos (1993)

    Chapter  Google Scholar 

  14. Soshi, M.: Safety analysis of the dynamic-typed access matrix model. In: Cuppens, F., Deswarte, Y., Gollmann, D., Waidner, M. (eds.) ESORICS 2000. LNCS, vol. 1895, pp. 106–121. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Institut de recherche en informatique de Toulouse, Université Paul Sabatier, 31062 Cedex 09, Toulouse, France

    Philippe Balbiani & Fahima Cheikh

Authors
  1. Philippe Balbiani
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Fahima Cheikh
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. St. Petersburg Intitute for Informaticsand Automation, 39, 14-th Liniya, 199178, St. Petersburg, Russia

    Vladimir Gorodetsky

  2. Computer Security Research Group, St. Petersburg Institute for Informatics and Automation, 39, 14 Liniya, 199178, St.-Petersburg, Russia

    Igor Kotenko

  3. US Air Force, Binghamton University (SUNYI), 13902, Binghamton, NY, USA

    Victor Skormin

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Balbiani, P., Cheikh, F. (2005). Safety Problems in Access Control with Temporal Constraints. In: Gorodetsky, V., Kotenko, I., Skormin, V. (eds) Computer Network Security. MMM-ACNS 2005. Lecture Notes in Computer Science, vol 3685. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11560326_13

Download citation

  • DOI: https://doi.org/10.1007/11560326_13

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-29113-8

  • Online ISBN: 978-3-540-31998-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation