Evaluating and improving access control

J. Crampton; G. Loizou; G. O'Shea

Evaluating and improving access control

J. Crampton, G. Loizou, G. O'Shea

Research output: Working paper

Abstract

Our recent work provides a theoretical basis for the development of tools for reasoning about the operational implications of a particular configuration of the access control mechanism of an operating system. Herein we introduce a set-theoretic model of an access control policy and the concept of consistency of the state of an access control mechanism with a given access control policy. Our earlier work coupled with this definition of consistency enables us to assess and hence improve the implementation of an access control policy by using an access control mechanism. We demonstrate the value of our approach by specifying a simple access control policy and implementing the policy on two different commercial operating systems.

Original language	English
Publication status	Published - 1999

Cite this

@techreport{6a41374e2c9f4bc99876b3b84a05d881,

title = "Evaluating and improving access control",

abstract = "Our recent work provides a theoretical basis for the development of tools for reasoning about the operational implications of a particular configuration of the access control mechanism of an operating system. Herein we introduce a set-theoretic model of an access control policy and the concept of consistency of the state of an access control mechanism with a given access control policy. Our earlier work coupled with this definition of consistency enables us to assess and hence improve the implementation of an access control policy by using an access control mechanism. We demonstrate the value of our approach by specifying a simple access control policy and implementing the policy on two different commercial operating systems.",

author = "J. Crampton and G. Loizou and G. O'Shea",

year = "1999",

language = "English",

type = "WorkingPaper",

}

TY - UNPB

T1 - Evaluating and improving access control

AU - Crampton, J.

AU - Loizou, G.

AU - O'Shea, G.

PY - 1999

Y1 - 1999

N2 - Our recent work provides a theoretical basis for the development of tools for reasoning about the operational implications of a particular configuration of the access control mechanism of an operating system. Herein we introduce a set-theoretic model of an access control policy and the concept of consistency of the state of an access control mechanism with a given access control policy. Our earlier work coupled with this definition of consistency enables us to assess and hence improve the implementation of an access control policy by using an access control mechanism. We demonstrate the value of our approach by specifying a simple access control policy and implementing the policy on two different commercial operating systems.

AB - Our recent work provides a theoretical basis for the development of tools for reasoning about the operational implications of a particular configuration of the access control mechanism of an operating system. Herein we introduce a set-theoretic model of an access control policy and the concept of consistency of the state of an access control mechanism with a given access control policy. Our earlier work coupled with this definition of consistency enables us to assess and hence improve the implementation of an access control policy by using an access control mechanism. We demonstrate the value of our approach by specifying a simple access control policy and implementing the policy on two different commercial operating systems.

M3 - Working paper

BT - Evaluating and improving access control

ER -