Abstract
Access control systems are designed to allow or deny access to data according to organizational policies. In many organizations, the access rights of subjects to data objects are determined in consideration of clearance levels of subjects and classification levels of objects. In most formally-defined traditional access control systems, levels are predetermined and policies are rigid. However, in practice organizations need to use flexible methods where the levels are determined dynamically by information flow criteria. In this paper, we develop a method that is both formal and flexible to determine entities’ security levels on the basis of access history, which characterizes the data that subjects can know or objects can contain. Our approach is motivated with a number of different examples, showing that the method meets real-life organizational requirements.
Keywords
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Sandhu, R.S., Jajodia, S.: Data and database security and controls. Security and controls handbook of Information Security Management. Auerbach Publishers (1993)
Sandhu, R.S.: Lattice-based access control models. Computer 26(11), (1993)
Weissmann, C.: Security controls in the ADEPT-50 timesharing system. AFIPS Conference Proceedings FJCC (1969)
Bell, D.E., LaPadula, L.J.: Secure Computer Systems: Mathematical Foundations. MITRE Corporation (1973)
Biba, K.: Integrity considerations for secure computer systems. Technical Report TR-3153, MITRE Corporation (1977)
Logrippo, L.: Logical Method for Reasoning about Access Control and Data Flow Control Models. To appear in the Proc. of the 7th International Symposium on Foundations and Practice of Security (2014)
Dershowitz, N., Manna, Z.: Proving termination with multiset orderings. Communications of the ACM 22(8), (1979)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Boulares, S., Adi, K., Logrippo, L. (2015). Information Flow-Based Security Levels Assessment for Access Control Systems. In: Benyoucef, M., Weiss, M., Mili, H. (eds) E-Technologies. MCETECH 2015. Lecture Notes in Business Information Processing, vol 209. Springer, Cham. https://doi.org/10.1007/978-3-319-17957-5_7
Download citation
DOI: https://doi.org/10.1007/978-3-319-17957-5_7
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-17956-8
Online ISBN: 978-3-319-17957-5
eBook Packages: Computer ScienceComputer Science (R0)