Access control is the process of mediating every request to resources and data maintained by a system and determining whether the request should be granted or denied. The variety and complexity of the protection requirements that may need to be imposed makes access control a far from trivial process. Expressiveness and flexibility are top requisites for an access control system together with, and usually in conflict with, simplicity and efficiency. In this paper, we discuss the main desiderata for access control systems and illustrate the main characteristics of access control solutions in some of the most popular existing systems.
Access control : principles and solutions / S. De Capitani di Vimercati, S. Paraboschi, P. Samarati. - In: SOFTWARE-PRACTICE & EXPERIENCE. - ISSN 0038-0644. - 33:5(2003 Apr), pp. 397-421. [10.1002/spe.513]
Access control : principles and solutions
S. De Capitani di VimercatiPrimo
;P. SamaratiUltimo
2003
Abstract
Access control is the process of mediating every request to resources and data maintained by a system and determining whether the request should be granted or denied. The variety and complexity of the protection requirements that may need to be imposed makes access control a far from trivial process. Expressiveness and flexibility are top requisites for an access control system together with, and usually in conflict with, simplicity and efficiency. In this paper, we discuss the main desiderata for access control systems and illustrate the main characteristics of access control solutions in some of the most popular existing systems.Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.