Research on Access Control Policy for Confidential Information System

2012 ◽  
Vol 263-266 ◽  
pp. 3064-3067 ◽  
Author(s):  
Jian Zhang ◽  
Jin Yao ◽  
Kun Huang
Keyword(s):  
Information System ◽  
Access Control ◽  
Control Policy ◽  
Research Topic ◽  
Access Control Policy ◽  
Confidential Information ◽  
Control Policies ◽  
Secure Access ◽  
Access Control Policies ◽  
Secure Access Control

How to achieve secure access control in multi-domain is a hot research topic in the information security field. The access control policy for confidential information system is different from that for ordinary commercial information system, because the former concerns about the confidentiality of the data and the latter concerns about the integrity. Emphatically discusses the access control policies for confidential information system, including single-domain and multi-domain environment, and presents two useful access control policies for multi-domain.

scholarly journals A Comprehensive Formal Solution for Access Control Policies Management: Defect Detection, Analysis and Risk Assessment

10.29007/q916 ◽  
2018 ◽  
Author(s):  
Faouzi Jaidi ◽  
Faten Labbene Ayachi ◽  
Adel Bouhoula
Keyword(s):  
Risk Assessment ◽  
Access Control ◽  
Development Process ◽  
Formal Solution ◽  
Control Policy ◽  
Formal Reasoning ◽  
Access Control Policy ◽  
Control Policies ◽  
Detection Analysis ◽  
Access Control Policies

Nowadays, the access control is becoming increasingly important for open, ubiquitous and criti- cal systems. Nonetheless, efficient Administration, Management, Safety analysis and Risk assessment (AMSR) are recognized as fundamental and crucial challenges in todays access control infrastructures. In untrustworthy environment, the administration of an access control policy, which is a main secu- rity aspect, generally raises a critical analysis problem when the administration is distributed and/or potentially un-trusted users contribute to this process. Consequently, collusions attempts and inner threats may take place to generate crucial and invisible breaches to circumvent the policy. To address this issue, we introduce a rigorous and comprehensive solution for an efficient and secure management of access control policies. Our proposal gives a high visibility on the development process of an access control policy and allows in an elegant manner to detect, analyze and assess the risk associated to the policy defects. The strength of our proposal is that it relies on logic-like formalisms to ensure a high surety by verifying the correctness and the completeness of our formal reasoning. We rely on an example to illustrate the relevance of the proposal.

Supporting Complex Access Control Policy in PDM System

2009 ◽  
Vol 16-19 ◽  
pp. 703-707
Author(s):  
Chun Xiao Ye ◽  
Yun Qing Fu ◽  
Hong Xiang
Keyword(s):  
Access Control ◽  
Control Policy ◽  
Control Model ◽  
Access Control Policy ◽  
Access Control Model ◽  
Control Policies ◽  
Role Assignment ◽  
Access Control Policies ◽  
Extended Access ◽  
Model Complex

Based on previous works, this paper proposed an extended access control model for PDM system. In this model, complex access control policies are expressed and enforced to ensure the security of user role assignment, delegation and revocation of PDM system. To reduce system administrator’s work, the model provides an auto revocation mechanism which can be triggered by time, access control policies and user states. This paper also propose an implementation system architecture, an auto revocation algorithm and some examples to show how this complex policy supported access control model works in PDM system.

Hierarchy Similarity Analyser

2020 ◽  
pp. 204-220
Author(s):  
Shalini Bhartiya ◽  
Deepti Mehrotra ◽  
Anup Girdhar
Keyword(s):  
Access Control ◽  
Health Professionals ◽  
Control Policy ◽  
Healthcare Organizations ◽  
Access Control Policy ◽  
Unauthorized Access ◽  
Role Hierarchy ◽  
Access Control Policies ◽  
Policy Testing ◽  
Organizational Rules

Health professionals need an access to various dimensions of Electronic Health Records (EHR). Depending on technical constraints, each organization defines its own access control schema exhibiting heterogeneity in organizational rules and policies. Achieving interoperability between such schemas often result in contradictory rules thereby exposing data to undue disclosures. Permitting interoperable sharing of EHRs and simultaneously restricting unauthorized access is the major objective of this paper. An Extensible Access Control Markup Language (XACML)-based framework, Hierarchy Similarity Analyser (HSA), is proposed which fine-grains access control policies of disparate healthcare organizations to achieve interoperable and secured sharing of EHR under set authorizations. The proposed framework is implemented and verified using automated Access Control Policy Testing (ACPT) tool developed by NIST. Experimental results identify the users receive secured and restricted access as per their authorizations and role hierarchy in the organization.

Managing Privacy and Effectiveness of Patient-Administered Authorization Policies

2012 ◽  
Vol 3 (2) ◽  
pp. 43-62
Author(s):  
Thomas Trojer ◽  
Basel Katt ◽  
Ruth Breu ◽  
Thomas Schabetsberger ◽  
Richard Mair
Keyword(s):  
Health Care ◽  
Information System ◽  
Access Control ◽  
Data Privacy ◽  
Evaluation Criteria ◽  
Control Policy ◽  
Health Data ◽  
Personal Health ◽  
Access Control Policy ◽  
Authorization Policies

A central building block of data privacy is the individual right of information self-determination. Following from that when dealing with shared electronic health records (SEHR), citizens, as the identified individuals of such records, have to be enabled to decide what medical data can be used in which way by medical professionals. In this context individual preferences of privacy have to be reflected by authorization policies to control access to personal health data. There are two potential challenges when enabling patient-controlled access control policy authoring: First, an ordinary citizen neither can be considered a security expert, nor does she or he have the expertise to fully understand typical activities and workflows within the health-care domain. Thus, a citizen is not necessarily aware of implications her or his access control settings have with regards to the protection of personal health data. Both privacy of citizen’s health-data and the overall effectiveness of a health-care information system are at risk if inadequate access control settings are in place. This paper refers to scenarios of a case study previously conducted and shows how privacy and information system effectiveness can be defined and evaluated in the context of SEHR. The paper describes an access control policy analysis method which evaluates a patient-administered access control policy by considering the mentioned evaluation criteria.

A Comparative Analysis of Access Control Policy Modeling Approaches

2012 ◽  
Vol 3 (4) ◽  
pp. 65-83
Author(s):  
K. Shantha Kumari ◽  
T.Chithraleka
Keyword(s):  
Comparative Analysis ◽  
Access Control ◽  
Control Policy ◽  
Functional Requirements ◽  
Access Control Policy ◽  
Policy Modeling ◽  
The Past ◽  
Access Control Policies ◽  
Modeling Techniques ◽  
High Level

Access control policies (ACPs) characterize the high-level rules according to which the access control of a system is regulated. Generally they are defined separately from the functional requirements (FRs) of an application and added to the system as an afterthought after being built. But, many problems arose during the integration of ACPs and FRs. Hence, over the past years, researchers have suggested for the modifying the design phase to include an earlier focus on access control issues through various modeling techniques. This paper reviews the important approaches in ACP modeling and makes a comparative analysis of the advantages and limitations of those techniques especially in addressing complex ACPs. Based on the comparative analysis, this paper presents directions for further work needed in handling the intricate nature of today’s ACPs.

Sign in / Sign up

Export Citation Format

Share Document