Refinement for administrative policies

M.A.C. Dekker; S. Etalle

doi:10.1007/978-3-540-75248-6_3

Refinement for administrative policies

M.A.C. Dekker, S. Etalle

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

149 Downloads (Pure)

Abstract

Flexibility of management is an important requisite for access control systems as it allows users to adapt the access control system in accordance with practical requirements. This paper builds on earlier work where we defined administrative policies for a general class of RBAC models. We present a formal definition of administrative refinement and we show that there is an ordering for administrative privileges which yields administrative refinements of policies. We argue (by giving an example) that this privilege ordering can be very useful in practice, and we prove that the privilege ordering is tractable.

Original language	English
Title of host publication	Proceedings of the 4th VLDB Workshop on Secure Data Management (SDM 2007) 23-24 September 2007, Vienna, Austria
Editors	W. Jonker, M. Petkovic
Place of Publication	Berlin, Germany
Publisher	Springer
Pages	33-46
ISBN (Print)	978-3-540-75247-9
DOIs	https://doi.org/10.1007/978-3-540-75248-6_3
Publication status	Published - 2007
Event	conference; SDM 2007, Vienna, Austria; 2007-09-23; 2007-09-24 - Duration: 23 Sept 2007 → 24 Sept 2007

Publication series

Name	Lecture Notes in Computer Science
Volume	4721
ISSN (Print)	0302-9743

Conference

Conference	conference; SDM 2007, Vienna, Austria; 2007-09-23; 2007-09-24
Period	23/09/07 → 24/09/07
Other	SDM 2007, Vienna, Austria

Access to Document

10.1007/978-3-540-75248-6_3

Metis211618Final published version, 401 KB

Cite this

@inproceedings{9be38569b972410084fb6be834967158,

title = "Refinement for administrative policies",

abstract = "Flexibility of management is an important requisite for access control systems as it allows users to adapt the access control system in accordance with practical requirements. This paper builds on earlier work where we defined administrative policies for a general class of RBAC models. We present a formal definition of administrative refinement and we show that there is an ordering for administrative privileges which yields administrative refinements of policies. We argue (by giving an example) that this privilege ordering can be very useful in practice, and we prove that the privilege ordering is tractable.",

author = "M.A.C. Dekker and S. Etalle",

year = "2007",

doi = "10.1007/978-3-540-75248-6_3",

language = "English",

isbn = "978-3-540-75247-9",

series = "Lecture Notes in Computer Science",

publisher = "Springer",

pages = "33--46",

editor = "W. Jonker and M. Petkovic",

booktitle = "Proceedings of the 4th VLDB Workshop on Secure Data Management (SDM 2007) 23-24 September 2007, Vienna, Austria",

address = "Germany",

note = "conference; SDM 2007, Vienna, Austria; 2007-09-23; 2007-09-24 ; Conference date: 23-09-2007 Through 24-09-2007",

}

Dekker, MAC & Etalle, S 2007, Refinement for administrative policies. in W Jonker & M Petkovic (eds), Proceedings of the 4th VLDB Workshop on Secure Data Management (SDM 2007) 23-24 September 2007, Vienna, Austria. Lecture Notes in Computer Science, vol. 4721, Springer, Berlin, Germany, pp. 33-46, conference; SDM 2007, Vienna, Austria; 2007-09-23; 2007-09-24, 23/09/07. https://doi.org/10.1007/978-3-540-75248-6_3

Refinement for administrative policies. / Dekker, M.A.C.; Etalle, S.
Proceedings of the 4th VLDB Workshop on Secure Data Management (SDM 2007) 23-24 September 2007, Vienna, Austria. ed. / W. Jonker; M. Petkovic. Berlin, Germany: Springer, 2007. p. 33-46 (Lecture Notes in Computer Science; Vol. 4721).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

TY - GEN

T1 - Refinement for administrative policies

AU - Dekker, M.A.C.

AU - Etalle, S.

PY - 2007

Y1 - 2007

N2 - Flexibility of management is an important requisite for access control systems as it allows users to adapt the access control system in accordance with practical requirements. This paper builds on earlier work where we defined administrative policies for a general class of RBAC models. We present a formal definition of administrative refinement and we show that there is an ordering for administrative privileges which yields administrative refinements of policies. We argue (by giving an example) that this privilege ordering can be very useful in practice, and we prove that the privilege ordering is tractable.

AB - Flexibility of management is an important requisite for access control systems as it allows users to adapt the access control system in accordance with practical requirements. This paper builds on earlier work where we defined administrative policies for a general class of RBAC models. We present a formal definition of administrative refinement and we show that there is an ordering for administrative privileges which yields administrative refinements of policies. We argue (by giving an example) that this privilege ordering can be very useful in practice, and we prove that the privilege ordering is tractable.

U2 - 10.1007/978-3-540-75248-6_3

DO - 10.1007/978-3-540-75248-6_3

M3 - Conference contribution

SN - 978-3-540-75247-9

T3 - Lecture Notes in Computer Science

SP - 33

EP - 46

BT - Proceedings of the 4th VLDB Workshop on Secure Data Management (SDM 2007) 23-24 September 2007, Vienna, Austria

A2 - Jonker, W.

A2 - Petkovic, M.

PB - Springer

CY - Berlin, Germany

T2 - conference; SDM 2007, Vienna, Austria; 2007-09-23; 2007-09-24

Y2 - 23 September 2007 through 24 September 2007

ER -

Refinement for administrative policies

Abstract

Publication series

Conference

Access to Document

Fingerprint

Cite this