Web Access Control Strategies

Reference work entry, Encyclopedia of Cryptography and Security

Related Concepts

Context-Based Access Control; Cookies; Discretionary Access Control; Mandatory Access Control; Role-Based Access Control

Definitions

Access Control Model

An access control model consists of:

  • An access control policy which specifies the authorized accesses of a protection system.

  • An administration model which specifies how the access control policy can be updated.

Access Control Mechanism

An access control mechanism is a hardware or software solution for enforcing an access control policy.

Theory

Access Control Models

This section reviews existing access control models. More on this topic can be found in the Access Control Models entry.

Access control models can be grouped into the following classes: discretionary access control (DAC) models, mandatory access control (MAC) models, role-based access control (RBAC) models, and more advanced models that can be referred to as context-based access control (CBAC) models.
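To make the definitions above concrete, the following Python sketch (added here; not code from the entry) separates the three pieces: an RBAC-style access control policy, an administration model that limits who may change that policy, and a reference monitor acting as the enforcing mechanism. The users, roles and object names are constructed sample data.

```python
from dataclasses import dataclass, field
@dataclass
class RbacPolicy:
    # Access control policy: the authorized (role, action, object) triples
    # and which roles each user holds. Sample users/roles are constructed.
    user_roles: dict = field(default_factory=dict)   # user -> set of roles
    permissions: set = field(default_factory=set)    # (role, action, object)

    def authorized(self, user, action, obj):
        roles = self.user_roles.get(user, set())
        return any((r, action, obj) in self.permissions for r in roles)

@dataclass
class AdministrationModel:
    # Administration model: the policy may only be updated by a user
    # holding the designated administrative role.
    admin_role: str

    def may_administer(self, policy, user):
        return self.admin_role in policy.user_roles.get(user, set())

class ReferenceMonitor:
    # Access control mechanism: every access request and every policy
    # update is mediated here and logged, so decisions are auditable.
    def __init__(self, policy, admin):
        self.policy, self.admin, self.audit = policy, admin, []

    def access(self, user, action, obj):
        ok = self.policy.authorized(user, action, obj)
        self.audit.append(("access", user, action, obj, ok))
        return ok

    def grant(self, requester, role, action, obj):
        ok = self.admin.may_administer(self.policy, requester)
        if ok:
            self.policy.permissions.add((role, action, obj))
        self.audit.append(("grant", requester, role, action, obj, ok))
        return ok

def demo():
    # Constructed example: alice administers, bob is an ordinary clerk.
    policy = RbacPolicy(user_roles={"alice": {"security_admin"}, "bob": {"clerk"}},
                        permissions={("clerk", "read", "/reports/q1")})
    rm = ReferenceMonitor(policy, AdministrationModel("security_admin"))
    return [rm.access("bob", "read", "/reports/q1"),          # True: clerk may read
            rm.access("bob", "write", "/reports/q1"),         # False: no such permission
            rm.grant("bob", "clerk", "write", "/reports/q1"), # False: bob cannot administer
            rm.grant("alice", "clerk", "write", "/reports/q1"),  # True: alice may
            rm.access("bob", "write", "/reports/q1")]         # True: policy was updated
```

The point of the split is that a change to the administration model (who may call `grant`) leaves the policy and the mechanism untouched, which is exactly the separation the definitions draw.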

In discretionary access control models such...




Copyright information

© 2011 Springer Science+Business Media, LLC

About this entry

Cite this entry

Gabillon, A. (2011). Web Access Control Strategies. In: van Tilborg, H.C.A., Jajodia, S. (eds) Encyclopedia of Cryptography and Security. Springer, Boston, MA. https://doi.org/10.1007/978-1-4419-5906-5_664
