Evaluating and improving access control

J. Crampton, G. Loizou, G. O'Shea

Research output: Working paper


Our recent work provides a theoretical basis for the development of tools for reasoning about the operational implications of a particular configuration of the access control mechanism of an operating system. Herein we introduce a set-theoretic model of an access control policy and the concept of consistency of the state of an access control mechanism with a given access control policy. Our earlier work coupled with this definition of consistency enables us to assess and hence improve the implementation of an access control policy by using an access control mechanism. We demonstrate the value of our approach by specifying a simple access control policy and implementing the policy on two different commercial operating systems.
Original languageEnglish
Publication statusPublished - 1999

Cite this