Skip to main content
SpringerLink
Log in

Implementation of Access Control Model for Distributed Information Systems Using Usage Control

  • Conference paper
Book cover Security and Intelligent Information Systems (SIIS 2011)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 7053))

Abstract

Currently, the rapid development of information technology requires also the additional features for access control domain. The information is more and more distributed through the networks or federation of numerous information systems located in different places in a country or on the globe. In order to meet the requirements and problems of modern access control, a new implementation of access control model, called implementation of Role-based Usage Control (iRBUC) model is proposed. Proposed iRBUC assures the usage control in accessing data, which is very important especially in distributed information systems, and assures the organization of access control strategies well-described in RBAC (Role-Based Access Control) model or its extensions.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Castaro, S., Fugini, M., Martella, G., Samarati, P.: Database Security. Addison-Wesley (1994)

    Google Scholar 

  2. Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-Based Access Control Models. IEEE Computer 29(2), 38–47 (1996)

    Article  Google Scholar 

  3. Sandhu, R.S., Samarati, P.: Access Control: Principles and Practice. IEEE Communication 32(9), 40–48 (1994)

    Article  Google Scholar 

  4. Ferraiolo, D., Sandhu, R.S., Gavrila, S., Kuhn, D.R., Chandramouli, R.: Proposed NIST Role-Based Access control. ACM TISSEC (2001)

    Google Scholar 

  5. Booch, G., Rumbaugh, J., Jacobson, I.: The Unified Modeling Language User Guide. Addison Wesley (1998)

    Google Scholar 

  6. Ahn, G.-J.: The RCL 2000 Language for Specifying Role-Based Authorization Constraints. ACM Transactions on Information and Systems Security (1999)

    Google Scholar 

  7. Ahn, G.-J., Sandhu, R.S.: Role-based Authorization Constraints Specification. ACM Transactions on Information and Systems Security (2000)

    Google Scholar 

  8. Poniszewska-Maranda, A., Goncalves, G., Hemery, F.: Representation of extended RBAC model using UML language. In: Vojtáš, P., Bieliková, M., Charron-Bost, B., Sýkora, O. (eds.) SOFSEM 2005. LNCS, vol. 3381, pp. 413–417. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  9. Goncalves, G., Poniszewska-Maranda, A.: Role engineering: from design to evaluation of security schemas. Journal of Systems and Software 81(8), 1306–1326 (2008)

    Article  Google Scholar 

  10. Poniszewska-Maranda, A.: Access Control Models in Heterogeneous Information Systems: from Conception to Exploitation. In: Proc. of IEEE International Multiconference on Computer Science and Information Technology, Wisla, Poland (2008)

    Google Scholar 

  11. Lampson, B.W.: Protection. ACM Operating Systems Review 8(1), 18–24 (1974)

    Article  MATH  Google Scholar 

  12. Dows, D., Rub, J., Kung, K., Jordan, C.: Issues in discretionary access control. In: IEEE Symposium on Research in Security and Privacy, pp. 208–218 (1985)

    Google Scholar 

  13. Bell, D., Lapadulla, L.: Secure computer systems: Unified exposition and multics interpretation, Mitre Corporation (1975)

    Google Scholar 

  14. Bertino, E., Bettini, C., Samarati, P.: A Temporal Access Control Mechanism for Database Systems. IEEE TKDE 8(1) (1996)

    Google Scholar 

  15. Bertino, E., Bonatti, P., Ferrari, E.: A Temporal Role-based Access Control Model. ACM TISSEC 4(3), 191–233 (2001)

    Article  Google Scholar 

  16. Gal, A., Atluri, V.: An Authorization Model for Temporal Data. ACM Transaction on Information and System Security 5(1) (2002)

    Google Scholar 

  17. James, B., Joshi, E., Bertino, U., Latif, A., Ghafoo, A.: A Generalized Temporal Role-Based Access Control Model. IEEE Transitions on Knowledge and Data Engineering 17(1), 4–23 (2005)

    Article  Google Scholar 

  18. Park, J., Sandhu, R.: The UCON ABC Usage Control Model. ACM Transactions on Information and System Security 7 (2004)

    Google Scholar 

  19. Park, J., Zhang, X., Sandhu, R.: Attribute Mutability in Usage Control. In: 18th IFIP WG 11.3 Working Conference on Data and Applications Security (2004)

    Google Scholar 

  20. Lazouski, A., Martinelli, F., Mori, P.: Usage control in computer security: A survey. Computer Science Review 4(2), 81–99 (2010)

    Article  Google Scholar 

  21. Pretschner, A., Hilty, M., Basin, D.: Distributed usage control. Communications of the ACM 49(9) (2006)

    Google Scholar 

  22. Zhang, X., Parisi-Presicce, F., Sandhu, R., Park, J.: Formal Model and Policy Specification of Usage Control. ACM TISSEC 8(4), 351–387 (2005)

    Article  Google Scholar 

  23. Jiang, Z., Hu, S., Gan, S., Shu, Y.: Research on an UCON model supporting distributed management. In: Proc. of ICIA 2008, pp. 1520–1524 (2008)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Institute of Information Technology, Technical University of Lodz, Poland

    Aneta Poniszewska-Maranda

Authors
  1. Aneta Poniszewska-Maranda
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Pascal Bouvry Mieczysław A. Kłopotek Franck Leprévost Małgorzata Marciniak Agnieszka Mykowiecka Henryk Rybiński

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Poniszewska-Maranda, A. (2012). Implementation of Access Control Model for Distributed Information Systems Using Usage Control. In: Bouvry, P., Kłopotek, M.A., Leprévost, F., Marciniak, M., Mykowiecka, A., Rybiński, H. (eds) Security and Intelligent Information Systems. SIIS 2011. Lecture Notes in Computer Science, vol 7053. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-25261-7_5

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-25261-7_5

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-25260-0

  • Online ISBN: 978-3-642-25261-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation