This paper describes the architecture and the core specification language of an extensible access control system, called MACS-Multipolicy Access Control System. Several access control models are supported. by the proposed system, including the mandatory model, a flexible discretionary model, and RBAC. In addition, by using the core specification language, users can define their own access control models. The language is complemented by a number of tools supporting users in the tasks of model specification and analysis, and authorization management. The proposed system is a multipolicy system in that it allows one to apply different policies to different partitions of the set of objects to be protected. Therefore, different access control policies can co-exist, thus enhancing the flexibility of the system.

A system to specify and manage multipolicy access control models / E. Bertino, B. Catania, E. Ferrari, P. Perlasca - In: Proceedings of the sixth ACM symposium on Access control models and technologies : 2001, Chantilly, Virginia, United StatesNew York : ACM, 2002. - ISBN 1581133502. - pp. 41-52 (( Intervento presentato al 6th. convegno ACM symposium on Access control models and technologies tenutosi a Chantilly, Virginia, United States nel 2001.

A system to specify and manage multipolicy access control models

P. Perlasca
Ultimo
2002

Abstract

This paper describes the architecture and the core specification language of an extensible access control system, called MACS-Multipolicy Access Control System. Several access control models are supported. by the proposed system, including the mandatory model, a flexible discretionary model, and RBAC. In addition, by using the core specification language, users can define their own access control models. The language is complemented by a number of tools supporting users in the tasks of model specification and analysis, and authorization management. The proposed system is a multipolicy system in that it allows one to apply different policies to different partitions of the set of objects to be protected. Therefore, different access control policies can co-exist, thus enhancing the flexibility of the system.
Settore INF/01 - Informatica
2002
ACM
Book Part (author)
File in questo prodotto:
Non ci sono file associati a questo prodotto.
Pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/2434/141855
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 34
  • ???jsp.display-item.citation.isi??? 13
social impact