skip to main content
10.1145/2523514.2523548acmotherconferencesArticle/Chapter ViewAbstractPublication PagessinConference Proceedingsconference-collections
short-paper

An HBAC-based approximation for IBAC programs

Published: 26 November 2013 Publication History

Abstract

Access control models are adopted in modern component-based systems, such as Java, in order to protect critical resources and operations. One of the last models presented, Information-Based Access Control model (IBAC), has been proposed to solve the excessive restrictiveness of the History-Based Access Control model (HBAC), which may incorrectly prevent the execution of security-sensitive operations that should be executed. However, the semantics of the IBAC model are relatively recent and complicated to be easily implemented in a real environment. In this paper we informally propose an algorithm to approximate a subset of IBAC programs into a program that uses HBAC semantics. Accomplishing this, an IBAC program from the subset we defined could be implemented in an environment that is supported by HBAC.

References

[1]
M. Abadi, C. Fournet. Access Control Based on Execution History. In 11th Network and Distributed System Security Symposium, February 2003.
[2]
M. Pistoia, A. Banerjee, D. A. Naumann. Beyond Stack Inspection: A Unified Access-Control and Information-Flow Security Model. In Security and Privacy IEEE Symposium, pages 149--163, May 2007.
[3]
L. Gong, M. Mueller, H. Prafullchandra, R. Schemers. Going Beyond The Sandbox: An Overview of the New Security Architecture in the Java#8482; Development Kit 1.2. In USENIX Symposium on Internet Technologies and Systems, pages 103--112, 1997
[4]
A. Banerjee, D. A. Naumann. History-based Access Control and Secure Information Flow. In Construction and Analysis of Safe, Secure, and Interoperable Smart Devices, pages 27--48, 2004.
[5]
S. Schwoon. Model-cheking Pushdown Systems. PhD thesis, Technical University of Munich, 2002.
[6]
F. Martinelli, P. Mori. Enhancing Java Security with History Based Access Control. In Foundations of Security Analysis and Design, pages 135--159, 2007.
[7]
G. Edjlali, A. Acharya, V. Chaudhary. History-based Access Control for Mobile Code. In Computer and Communicacions Security, ACM, New York, USA, pages 38--48, 1998.
[8]
K. Krukow, M. Nielsen, V. Sassone. A Logical Framework for History-based Access Control and Reputation Systems. In Journal of Computer Security, 16(1): 63--101, January 2008.

Index Terms

  1. An HBAC-based approximation for IBAC programs

    Recommendations

    Comments

    Information & Contributors

    Information

    Published In

    cover image ACM Other conferences
    SIN '13: Proceedings of the 6th International Conference on Security of Information and Networks
    November 2013
    483 pages
    ISBN:9781450324984
    DOI:10.1145/2523514
    Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

    Sponsors

    • Macquarie U., Austarlia
    • MNIT: Malaviya National Institute of Technology
    • Aksaray Univ.: Aksaray University
    • SFedU: Southern Federal University

    In-Cooperation

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Publication History

    Published: 26 November 2013

    Permissions

    Request permissions for this article.

    Check for updates

    Author Tags

    1. access control models
    2. algorithm
    3. approximation

    Qualifiers

    • Short-paper

    Conference

    SIN '13
    Sponsor:
    • MNIT
    • Aksaray Univ.
    • SFedU

    Acceptance Rates

    Overall Acceptance Rate 102 of 289 submissions, 35%

    Contributors

    Other Metrics

    Bibliometrics & Citations

    Bibliometrics

    Article Metrics

    • 0
      Total Citations
    • 31
      Total Downloads
    • Downloads (Last 12 months)0
    • Downloads (Last 6 weeks)0
    Reflects downloads up to 20 Jan 2025

    Other Metrics

    Citations

    View Options

    Login options

    View options

    PDF

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader

    Media

    Figures

    Other

    Tables

    Share

    Share

    Share this Publication link

    Share on social media