ABSTRACT
Though a user's privileges are often granted based on the tasks that the user is expected to fulfill, the concept of tasks is usually not explicitly modeled in access control. We propose a system where tasks are the central concept that associates users to privileges. Ideally a user should be able to utilize these privileges and fulfill his tasks, but not to take harmful actions. To ensure this, a system often specifies a high-level security property to restrict the sequence of actions that a user can perform. In this paper, we propose a general model of access control in task-based systems. This model considers the permissions of a user as well as their temporal availability. Based on this model, we investigate the problem of enforcing security properties both statically (i.e., when tasks are assigned) and dynamically (i.e., when actions are performed). We study the complexity of static enforcement, and design efficient dynamic enforcement algorithms that avoid unnecessary history tracking.
Index Terms
- Enforcing security properties in task-based systems