论自由访问控制中的安全性

Ninghui Li, Mahesh V. Tripunitara
{"title":"论自由访问控制中的安全性","authors":"Ninghui Li, Mahesh V. Tripunitara","doi":"10.1109/SP.2005.14","DOIUrl":null,"url":null,"abstract":"An apparently prevailing myth is that safety is undecidable in discretionary access control (DAC); therefore, one needs to invent new DAC schemes in which safety analysis is decidable. In this paper we dispel this myth. We argue that DAC should not be equated with the Harrison-Ruzzo-Ullman (1976) access matrix scheme, in which safety is undecidable. We present an efficient (running time cubic in its input size) algorithm for deciding safety in the Graham-Denning (1972) DAC scheme, which subsumes the DAC schemes used in the literature on comparing DAC with other access control models. We also counter several claims made in recent work by Solworth and Sloan (2004), in which the authors present a new access control scheme based on labels and relabelling and assert that it can implement the full range of DAC models. We present a precise characterization of their access control scheme and show that it does not adequately capture a relatively simple DAC scheme.","PeriodicalId":6366,"journal":{"name":"2005 IEEE Symposium on Security and Privacy (S&P'05)","volume":"1 1","pages":"96-109"},"PeriodicalIF":0.0000,"publicationDate":"2005-05-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"47","resultStr":"{\"title\":\"On safety in discretionary access control\",\"authors\":\"Ninghui Li, Mahesh V. Tripunitara\",\"doi\":\"10.1109/SP.2005.14\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"An apparently prevailing myth is that safety is undecidable in discretionary access control (DAC); therefore, one needs to invent new DAC schemes in which safety analysis is decidable. In this paper we dispel this myth. We argue that DAC should not be equated with the Harrison-Ruzzo-Ullman (1976) access matrix scheme, in which safety is undecidable. We present an efficient (running time cubic in its input size) algorithm for deciding safety in the Graham-Denning (1972) DAC scheme, which subsumes the DAC schemes used in the literature on comparing DAC with other access control models. We also counter several claims made in recent work by Solworth and Sloan (2004), in which the authors present a new access control scheme based on labels and relabelling and assert that it can implement the full range of DAC models. We present a precise characterization of their access control scheme and show that it does not adequately capture a relatively simple DAC scheme.\",\"PeriodicalId\":6366,\"journal\":{\"name\":\"2005 IEEE Symposium on Security and Privacy (S&P'05)\",\"volume\":\"1 1\",\"pages\":\"96-109\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2005-05-08\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"47\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2005 IEEE Symposium on Security and Privacy (S&P'05)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SP.2005.14\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2005 IEEE Symposium on Security and Privacy (S&P'05)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SP.2005.14","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 47

摘要

一个普遍存在的误解是,在自由访问控制(DAC)中,安全性是不可确定的;因此,需要发明新的DAC方案,其中安全性分析是可确定的。在本文中,我们打破了这个神话。我们认为DAC不应该等同于Harrison-Ruzzo-Ullman(1976)访问矩阵方案,其中安全性是不可确定的。在Graham-Denning (1972) DAC方案中,我们提出了一种有效的(输入大小的运行时间立方)算法来决定安全性,该算法包含了文献中用于比较DAC与其他访问控制模型的DAC方案。我们还反驳了Solworth和Sloan(2004)在最近的工作中提出的几个主张,其中作者提出了一种基于标签和重新标签的新访问控制方案,并断言它可以实现DAC模型的全部范围。我们提出了他们的访问控制方案的精确表征,并表明它不能充分捕获相对简单的DAC方案。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
On safety in discretionary access control
An apparently prevailing myth is that safety is undecidable in discretionary access control (DAC); therefore, one needs to invent new DAC schemes in which safety analysis is decidable. In this paper we dispel this myth. We argue that DAC should not be equated with the Harrison-Ruzzo-Ullman (1976) access matrix scheme, in which safety is undecidable. We present an efficient (running time cubic in its input size) algorithm for deciding safety in the Graham-Denning (1972) DAC scheme, which subsumes the DAC schemes used in the literature on comparing DAC with other access control models. We also counter several claims made in recent work by Solworth and Sloan (2004), in which the authors present a new access control scheme based on labels and relabelling and assert that it can implement the full range of DAC models. We present a precise characterization of their access control scheme and show that it does not adequately capture a relatively simple DAC scheme.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
自引率
0.00%
发文量
0
期刊最新文献
Seeing-is-believing: using camera phones for human-verifiable authentication BIND: a fine-grained attestation service for secure distributed systems On safety in discretionary access control Language-based generation and evaluation of NIDS signatures A generic attack on checksumming-based software tamper resistance
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1