Loading...
| Friend's email | |
| Your name | |
| Your email | |
| enter code | |
This page was sent successfuly
A context-aware mandatory access control model for multilevel security environments
Jafarian, J. H ; Sharif University of Technology | 2008
510
Viewed
- Type of Document: Article
- DOI: 10.1007/978-3-540-87698-4_33
- Publisher: 2008
- Abstract:
- Mandatory access control models have traditionally been employed as a robust security mechanism in multilevel security environments like military domains. In traditional mandatory models, the security classes associated with entities are context-insensitive. However, context-sensitivity of security classes may be required in some environments. Moreover, as computing technology becomes more pervasive, flexible access control mechanisms are needed. Unlike traditional approaches for access control, such access decisions depend on the combination of the required credentials of users and the context of the system. Incorporating context-awareness into mandatory access control models results in a model appropriate for handling such context-aware policies and context- sensitive class association mostly needed in multilevel security environments. In this paper, we introduce a context-aware mandatory access control model (CAMAC) capable of dynamic adaptation of access control policies to the context, and handling context-sensitive class association, in addition to preservation of confidentiality and integrity. One of the most significant characteristics of the model is its high expressiveness which allows us to express various mandatory access control models such as Bell-LaPadula, Biba, Dion, and Chinese Wall with it. © 2008 Springer-Verlag Berlin Heidelberg
- Keywords:
- Civil defense ; Information retrieval systems ; Reliability ; Security of data ; Security systems ; Ubiquitous computing ; Access Control policies ; Access decisions ; Computing technologies ; Confidentiality ; Context awarenesses ; Context-aware ; Context-awareness ; Control mechanisms ; Dynamic adaptations ; Integrity ; Mandatory access control ; Mandatory Access controls ; Military domains ; Multilevel securities ; Robust securities ; Access control
- Source: 27th International Conference on Computer Safety, Reliability, and Security, SAFECOMP 2008, Newcastle upon Tyne, 22 September 2008 through 25 September 2008 ; Volume 5219 LNCS , 2008 , Pages 401-414 ; 03029743 (ISSN); 3540876979 (ISBN); 9783540876977 (ISBN)
- URL: https://link.springer.com/chapter/10.1007%2F978-3-540-87698-4_33