Skip to main content
SpringerLink
Log in
Book cover

Encyclopedia of Cryptography and Security pp 13–14Cite as

Access Control Policies, Models, and Mechanisms

  • Reference work entry

Related Concepts

Discretionary Access Control Policies (DAC); Mandatory Access Control Policy (MAC); Role-Based Access Control Policies (RBAC)

Definition

The development of an access control system requires the definition of the high-level rules (policies) used to verify whether an access request is to be granted or denied. A policy is then formalized through a security model and is enforced by an access control mechanism.

Background

An important requirement of any computer system is to protect its data and resources against unauthorized disclosure (secrecy) and unauthorized or improper modifications (integrity), while at the same time ensuring their availability to legitimate users (no denials of service) [3]. The problem of ensuring protection has existed since information has been managed. A fundamental component in enforcing protection is represented by the access controlservice. Access control is the process of controlling every request to a system and determining, based on...

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   799.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Hardcover Book
USD   949.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Recommended Reading

  1. Anderson JP (1972) Computer security technology planning study. Technical Report ESD-TR-73-51. Electronic System Division/AFSC, Bedford, MA, October 1972

    Google Scholar 

  2. Landwehr CE (1981) Formal models for computer security. ACM Comput Surv 13(3):247–278

    Article  Google Scholar 

  3. Samarati P, De Capitani di Vimercati S (2001) Access control: policies, models, and mechanisms. In: Focardi R, Gorrieri R (eds) Foundations of security analysis and design. Lecture notes in computer science, vol 2171. Springer, Heidelberg

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. DTI - Dipartimento di Tecnologie dell’Informazione (DTI), Università degli Studi di Milano, Via Bramante 65, 26013, Crema (CR), Italy

    Sabrina De Capitani di Vimercati

Authors
  1. Sabrina De Capitani di Vimercati
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Mathematics and Computing Science, Eindhoven University of Technology, 5600 MB, Eindhoven, The Netherlands

    Henk C. A. van Tilborg

  2. Center for Secure Information Systems, George Mason University, Fairfax, VA, 22030-4422, USA

    Sushil Jajodia

Rights and permissions

Reprints and permissions

Copyright information

© 2011 Springer Science+Business Media, LLC

About this entry

Cite this entry

De Capitani di Vimercati, S. (2011). Access Control Policies, Models, and Mechanisms. In: van Tilborg, H.C.A., Jajodia, S. (eds) Encyclopedia of Cryptography and Security. Springer, Boston, MA. https://doi.org/10.1007/978-1-4419-5906-5_806

Download citation

Publish with us

Policies and ethics

Search

Navigation