Refinement for Administrative Policies

M.A.C. Dekker, Sandro Etalle

    Research output: Book/ReportReportProfessional

    62 Downloads (Pure)

    Abstract

    Flexibility of management is an important requisite for access control systems as it allows users to adapt the access control system in accordance with practical requirements. This paper builds on earlier work where we defined administrative policies for a general class of RBAC models. We present a formal definition of administrative refinnement and we show that there is an ordering for administrative privileges which yields administrative refinements of policies. We argue (by giving an example) that this privilege ordering can be very useful in practice, and we prove that the privilege ordering is tractable.
    Original languageUndefined
    Place of PublicationEnschede
    PublisherDistributed and Embedded Security (DIES)
    Number of pages16
    Publication statusPublished - 2007

    Publication series

    NameCTIT Technical Report Series
    PublisherCentre for Telematics and Information Technology, University of Twente
    No.LNCS4549/TR-CTIT-07-47
    ISSN (Print)1381-3625

    Keywords

    • EWI-10743
    • SCS-Cybersecurity
    • METIS-241769
    • RBAC
    • Administrative Policies
    • Access Control
    • IR-64241

    Cite this

    Dekker, M. A. C., & Etalle, S. (2007). Refinement for Administrative Policies. (CTIT Technical Report Series; No. LNCS4549/TR-CTIT-07-47). Enschede: Distributed and Embedded Security (DIES).