An access control model and its use in representing mental health application access policy

Vijay Varadharajan*, Claudio Calvelli

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

9 Citations (Scopus)

Abstract

This paper considers an access control model and proposes extensions to it to deal with authentication and revocation. The model is then applied to represent access control policy in a mental health system. In the first part of the paper, extensions to the Schematic Protection Model (SPM) are presented. The authentication and revocation extensions are independent of one another in the sense that each one affects a different part of the decision algorithm. The extensions comprise a modification of the syntax to be able to represent the new concepts and, more importantly, a modification of the decision algorithm for the safety problem to take these changes into account. We introduce the concept of conditional tickets and use it to provide authentication. Apart from this, we have found this concept to be useful in modeling systems. Hence we have separated this (syntactical) issue from the definition of the new algorithm. The second part considers the access policy for a mental health application. We have used the extensions of SPM to model part of this access policy. Even with our extensions, SPM still remains a monotonic model, where rights can be removed only in very special cases, and this makes it impossible to represent all the aspects of the problem. Other than to serve as an example for the extensions we propose, this paper also helps to separate aspects of this access control policy which are inherently monotonic from parts which are defined in a non-monotonic way, but can still be represented in a monotonic model.

Original languageEnglish
Pages (from-to)81-95
Number of pages15
JournalIEEE Transactions on Knowledge and Data Engineering
Volume8
Issue number1
DOIs
Publication statusPublished - 1996
Externally publishedYes

Keywords

  • Access control models
  • Authentication
  • Conditional tickets
  • Mental health access policy
  • Revocation of rights

Fingerprint

Dive into the research topics of 'An access control model and its use in representing mental health application access policy'. Together they form a unique fingerprint.

Cite this