Advanced Search
CS Search Google Search
Subscribers, please login

Published Articles >> Table of Contents >> Abstract

Fourth IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY'03)   p. 99
Policy Contexts: Controlling Information Flow in Parameterised RBAC
Andras Belokosztolszki, University of Cambridge Computer Laboratory
David M. Eyers, University of Cambridge Computer Laboratory
Ken Moody, University of Cambridge Computer Laboratory
Full Article Text: Download PDF of full textBuy this articleGet full text from IEEE Xplore

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/POLICY.2003.1206964
Send link to a friend

Abstract
Many RBAC models have augmented the fundamental requirement of a role abstraction with features such as parameterised roles and environment-aware policy. This paper examines the potential for unintentional leakage of information during RBAC policy enforcement, either through the exchange of parameters with external services when checking environmental conditions, or through a policy design which does not appropriately separate policy subsections with different basic purposes. We propose a simple, robust mechanism for handling these problems, and illustrate our approach with a current application of our OASIS RBAC system.
Additional Information

Citation:  Andras Belokosztolszki, David M. Eyers, Ken Moody, "Policy Contexts: Controlling Information Flow in Parameterised RBAC," policy, p. 99,  Fourth IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY'03),  2003

Similar Articles

Abstract Contents
Abstract
Citation

Download Citation
Ascii Text
BibTex
RefWorks
Procite/RefMan/Endnote




Free access to

  • Abstracts
  • Selected PDFs

Electronic subscribers login to:

  • Access HTML/PDFs of full text articles

Subscription information

Get a Web account

PDFs require Adobe Acrobat Reader.

Peer Review Notice

Give us Feedback