来源感知系统的工程访问控制策略

Proceedings of the third ACM conference on Data and application security and privacy Pub Date : 2013-02-18 DOI:10.1145/2435349.2435390

Lianshan Sun, Jaehong Park, R. Sandhu

{"title":"来源感知系统的工程访问控制策略","authors":"Lianshan Sun, Jaehong Park, R. Sandhu","doi":"10.1145/2435349.2435390","DOIUrl":null,"url":null,"abstract":"Provenance is meta-data about how data items become what they are. A variety of provenance-aware access control models and policy languages have been recently discussed in the literature. However, the issue of eliciting access control requirements related to provenance and of elaborating them as provenance-aware access control policies (ACPs) has received much less attention. This paper explores the approach to engineering provenance-aware ACPs since the beginning of software development. Specifically, this paper introduces a typed provenance model (TPM) to abstract complex provenance graph and presents a TPM-centric process for identification, specification, and refinement of provenance-aware ACPs. We illustrate this process by means of a homework grading system.","PeriodicalId":118139,"journal":{"name":"Proceedings of the third ACM conference on Data and application security and privacy","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2013-02-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"16","resultStr":"{\"title\":\"Engineering access control policies for provenance-aware systems\",\"authors\":\"Lianshan Sun, Jaehong Park, R. Sandhu\",\"doi\":\"10.1145/2435349.2435390\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Provenance is meta-data about how data items become what they are. A variety of provenance-aware access control models and policy languages have been recently discussed in the literature. However, the issue of eliciting access control requirements related to provenance and of elaborating them as provenance-aware access control policies (ACPs) has received much less attention. This paper explores the approach to engineering provenance-aware ACPs since the beginning of software development. Specifically, this paper introduces a typed provenance model (TPM) to abstract complex provenance graph and presents a TPM-centric process for identification, specification, and refinement of provenance-aware ACPs. We illustrate this process by means of a homework grading system.\",\"PeriodicalId\":118139,\"journal\":{\"name\":\"Proceedings of the third ACM conference on Data and application security and privacy\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2013-02-18\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"16\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the third ACM conference on Data and application security and privacy\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/2435349.2435390\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the third ACM conference on Data and application security and privacy","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2435349.2435390","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 16

摘要

出处是关于数据项如何成为它们的元数据。最近在文献中讨论了各种来源感知访问控制模型和策略语言。然而，引出与来源相关的访问控制需求并将其细化为来源感知访问控制策略(acp)的问题受到的关注要少得多。本文探讨了自软件开发开始以来工程来源感知acp的方法。具体来说，本文引入了一个类型化的来源模型(TPM)来抽象复杂的来源图，并提出了一个以TPM为中心的识别、规范和细化来源感知acp的过程。我们通过家庭作业评分系统来说明这个过程。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

Engineering access control policies for provenance-aware systems

Provenance is meta-data about how data items become what they are. A variety of provenance-aware access control models and policy languages have been recently discussed in the literature. However, the issue of eliciting access control requirements related to provenance and of elaborating them as provenance-aware access control policies (ACPs) has received much less attention. This paper explores the approach to engineering provenance-aware ACPs since the beginning of software development. Specifically, this paper introduces a typed provenance model (TPM) to abstract complex provenance graph and presents a TPM-centric process for identification, specification, and refinement of provenance-aware ACPs. We illustrate this process by means of a homework grading system.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings of the third ACM conference on Data and application security and privacy

自引率

0.00%

发文量

期刊最新文献

Effect of grammar on security of long passwords A new approach for delegation in usage control Session details: Poster session Multi-user dynamic proofs of data possession using trusted hardware All your browser-saved passwords could belong to us: a security analysis and a cloud-based new design