An administrative model for UCON
Data(s) |
01/01/2010
|
---|---|
Resumo |
UCON is an emerging access control framework that lacks an administration model. In this paper we define the problem of administration and propose a novel administrative model. At the core of this model is the concept of attribute, which is also the central component of UCON. In our model, attributes are created by the assertions of subjects, which ascribe properties/rights to other subjects or objects. Through such a treatment of attributes, administration capabilities can be delegated from one subject to another and as a consequence UCON is improved in three aspects. First, immutable attributes that are currently considered as external to the model can be incorporated and thereby treated as mutable at- tributes. Second, the current arbitrary categorisation of users (as modifiers of attributes), to system and administrator can be removed. Attributes and objects are only modifiable by those who possess administration capability over them. Third, the delegation of administration over objects and properties that is not currently expressible in UCON is made possible. |
Formato |
application/pdf |
Identificador | |
Publicador |
Conferences in Research and Practice in Information Technology (CRPIT) |
Relação |
http://eprints.qut.edu.au/31415/1/c31415.pdf http://conf.isi.qut.edu.au/aisc10/ Salim, Farzad, Reid, Jason F., & Dawson, Edward (2010) An administrative model for UCON. In Proceedings of he 8th Australasian Information Security Conference (AISC 2010), Conferences in Research and Practice in Information Technology (CRPIT), Queensland University of Technology, Brisbane, Queensland, pp. 32-38. |
Direitos |
Copyright 2010 Australian Computer Society, Inc. |
Fonte |
Computer Science; Faculty of Science and Technology; Information Security Institute |
Palavras-Chave | #080303 Computer System Security #Information Security #Access Control Model #Usage Control #Trust Management #Administration |
Tipo |
Conference Paper |