A high level language for conventional access control models

Research output: Chapter in Book/Report/Conference proceedingConference proceeding contributionpeer-review


A formal language to specify general access control policies and their sequences of transformations has been proposed in [1]. The access control policy was specified by a domain description which consisted of a finite set of initial policy propositions, policy transformation propositions and default propositions. Usually, access control models are falls into two conventional categories: discretionary access control(DAC) and mandatory access control(MAC). Traditional DAC models basically enumerate all the subjects and objects in a system and regulate the access to the object based on the identity of the subject. It can be best represented by the HRU's access control matrix [4]. While on the other hand, MAC models are lattice based models, in the sense that each subject and object is associated with a sensitivity level which forms a lattice [3]. In this paper, we intend to demonstrate that both a DAC-like model and a MAC-like model can be realized by an approach using our formal language. We also discuss some other related works.

Original languageEnglish
Title of host publicationInformation Security and Privacy
Subtitle of host publicationThird Australasian Conference, ACISP’98 Brisbane, Australia, July 13–15, 1998 Proceedings
EditorsColin Boyd, Ed Dawson
Place of PublicationBerlin; New York
PublisherSpringer, Springer Nature
Number of pages11
ISBN (Electronic)9783540691013
ISBN (Print)3540647325, 9783540647324
Publication statusPublished - Jul 1998
Externally publishedYes
Event3rd Australasian Conference on Information Security and Privacy, ACISP - 1998 - Brisbane, Australia
Duration: 13 Jul 199815 Jul 1998

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
ISSN (Print)03029743
ISSN (Electronic)16113349


Other3rd Australasian Conference on Information Security and Privacy, ACISP - 1998


  • Access control model
  • Authorization policies
  • Formal language
  • Policy transformations

Fingerprint Dive into the research topics of 'A high level language for conventional access control models'. Together they form a unique fingerprint.

Cite this