An analysis of access control models

Gregory Saunders; Michael Hitchens; Vijay Varadharajan

doi:10.1007/3-540-48970-3_23

An analysis of access control models

Gregory Saunders, Michael Hitchens, Vijay Varadharajan

Research output: Chapter in Book/Report/Conference proceeding › Conference proceeding contribution › peer-review

2 Citations (Scopus)

Abstract

Access control in real systems is implemented using one or more abstractions based on the access control matrix (ACM). The most common abstractions are access control lists (ACLs) and capabilities. In this paper, we consider an extended Harrison-Ruzzo-Ullman (HRU) model to make some formal observations about capability systems versus access control list based systems. This analysis makes the characteristics of these types of access control mechanisms more explicit and is intended to provide a better understanding of their use. A combined model providing the flexibility of capabilities with the simplicity of the ACL and its relation to other models proposed earlier (e.g.[10,6]) are discussed.

Original language	English
Title of host publication	Information Security and Privacy - 4th Australasian Conference, ACISP 1999, Proceedings
Editors	Josef Pieprzyk, Rei Safavi-Naini, Jennifer Seberry
Place of Publication	Berlin
Publisher	Springer, Springer Nature
Pages	281-293
Number of pages	13
Volume	1587
ISBN (Electronic)	9783540489702
ISBN (Print)	3540657568, 9783540657569
DOIs	https://doi.org/10.1007/3-540-48970-3_23
Publication status	Published - 1999
Externally published	Yes
Event	4th Australasian Conference on Information Security and Privacy, ACISP - 1999 - Wollongong, Australia Duration: 7 Apr 1999 → 9 Apr 1999

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	1587
ISSN (Print)	03029743
ISSN (Electronic)	16113349

Other

Other	4th Australasian Conference on Information Security and Privacy, ACISP - 1999
Country	Australia
City	Wollongong
Period	7/04/99 → 9/04/99

Access to Document

10.1007/3-540-48970-3_23

Link to publication in Scopus

Fingerprint Dive into the research topics of 'An analysis of access control models'. Together they form a unique fingerprint.

Cite this

Saunders, G., Hitchens, M., & Varadharajan, V. (1999). An analysis of access control models. In J. Pieprzyk, R. Safavi-Naini, & J. Seberry (Eds.), Information Security and Privacy - 4th Australasian Conference, ACISP 1999, Proceedings (Vol. 1587, pp. 281-293). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 1587). Springer, Springer Nature. https://doi.org/10.1007/3-540-48970-3_23

Saunders, Gregory ; Hitchens, Michael ; Varadharajan, Vijay. / An analysis of access control models. Information Security and Privacy - 4th Australasian Conference, ACISP 1999, Proceedings. editor / Josef Pieprzyk ; Rei Safavi-Naini ; Jennifer Seberry. Vol. 1587 Berlin : Springer, Springer Nature, 1999. pp. 281-293 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{f57be0986f8b4e1ca2a37cf22f32300f,

title = "An analysis of access control models",

abstract = "Access control in real systems is implemented using one or more abstractions based on the access control matrix (ACM). The most common abstractions are access control lists (ACLs) and capabilities. In this paper, we consider an extended Harrison-Ruzzo-Ullman (HRU) model to make some formal observations about capability systems versus access control list based systems. This analysis makes the characteristics of these types of access control mechanisms more explicit and is intended to provide a better understanding of their use. A combined model providing the flexibility of capabilities with the simplicity of the ACL and its relation to other models proposed earlier (e.g.[10,6]) are discussed.",

author = "Gregory Saunders and Michael Hitchens and Vijay Varadharajan",

year = "1999",

doi = "10.1007/3-540-48970-3_23",

language = "English",

isbn = "3540657568",

volume = "1587",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer, Springer Nature",

pages = "281--293",

editor = "Josef Pieprzyk and Rei Safavi-Naini and Jennifer Seberry",

booktitle = "Information Security and Privacy - 4th Australasian Conference, ACISP 1999, Proceedings",

address = "United States",

note = "4th Australasian Conference on Information Security and Privacy, ACISP - 1999 ; Conference date: 07-04-1999 Through 09-04-1999",

}

Saunders, G, Hitchens, M & Varadharajan, V 1999, An analysis of access control models. in J Pieprzyk, R Safavi-Naini & J Seberry (eds), Information Security and Privacy - 4th Australasian Conference, ACISP 1999, Proceedings. vol. 1587, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 1587, Springer, Springer Nature, Berlin, pp. 281-293, 4th Australasian Conference on Information Security and Privacy, ACISP - 1999, Wollongong, Australia, 7/04/99. https://doi.org/10.1007/3-540-48970-3_23

An analysis of access control models. / Saunders, Gregory; Hitchens, Michael ; Varadharajan, Vijay.

Information Security and Privacy - 4th Australasian Conference, ACISP 1999, Proceedings. ed. / Josef Pieprzyk; Rei Safavi-Naini; Jennifer Seberry. Vol. 1587 Berlin : Springer, Springer Nature, 1999. p. 281-293 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 1587).

Research output: Chapter in Book/Report/Conference proceeding › Conference proceeding contribution › peer-review

TY - GEN

T1 - An analysis of access control models

AU - Saunders, Gregory

AU - Hitchens, Michael

AU - Varadharajan, Vijay

PY - 1999

Y1 - 1999

N2 - Access control in real systems is implemented using one or more abstractions based on the access control matrix (ACM). The most common abstractions are access control lists (ACLs) and capabilities. In this paper, we consider an extended Harrison-Ruzzo-Ullman (HRU) model to make some formal observations about capability systems versus access control list based systems. This analysis makes the characteristics of these types of access control mechanisms more explicit and is intended to provide a better understanding of their use. A combined model providing the flexibility of capabilities with the simplicity of the ACL and its relation to other models proposed earlier (e.g.[10,6]) are discussed.

AB - Access control in real systems is implemented using one or more abstractions based on the access control matrix (ACM). The most common abstractions are access control lists (ACLs) and capabilities. In this paper, we consider an extended Harrison-Ruzzo-Ullman (HRU) model to make some formal observations about capability systems versus access control list based systems. This analysis makes the characteristics of these types of access control mechanisms more explicit and is intended to provide a better understanding of their use. A combined model providing the flexibility of capabilities with the simplicity of the ACL and its relation to other models proposed earlier (e.g.[10,6]) are discussed.

UR - http://www.scopus.com/inward/record.url?scp=84961366118&partnerID=8YFLogxK

U2 - 10.1007/3-540-48970-3_23

DO - 10.1007/3-540-48970-3_23

M3 - Conference proceeding contribution

AN - SCOPUS:84961366118

SN - 3540657568

SN - 9783540657569

VL - 1587

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 281

EP - 293

BT - Information Security and Privacy - 4th Australasian Conference, ACISP 1999, Proceedings

A2 - Pieprzyk, Josef

A2 - Safavi-Naini, Rei

A2 - Seberry, Jennifer

PB - Springer, Springer Nature

CY - Berlin

T2 - 4th Australasian Conference on Information Security and Privacy, ACISP - 1999

Y2 - 7 April 1999 through 9 April 1999

ER -

Saunders G, Hitchens M , Varadharajan V. An analysis of access control models. In Pieprzyk J, Safavi-Naini R, Seberry J, editors, Information Security and Privacy - 4th Australasian Conference, ACISP 1999, Proceedings. Vol. 1587. Berlin: Springer, Springer Nature. 1999. p. 281-293. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). https://doi.org/10.1007/3-540-48970-3_23