Sciweavers

Share
SACMAT
2005
ACM

Composing and combining policies under the policy machine

9 years 7 months ago
Composing and combining policies under the policy machine
As a major component of any host, or network operating system, access control mechanisms come in a wide variety of forms, each with their individual attributes, functions, methods for configuring policy, and a tight coupling to a class of policies. To afford generalized protection, NIST has initiated a project in pursuit of a standardized access control mechanism, referred to as the Policy Machine (PM) that requires changes only in its configuration in the enforcement of arbitrary and organization specific attributebased access control policies. Included among the PM’s enforceable policies are combinations of policy instances (e.g., Role-Based Access Control and Multi-Level Security). In our effort to devise a generic access control mechanism, we construct n terms of what we believe to be abstractions, properties and functions that are fundamental to policy configuration and enforcement. In its protection of objects under one or more policy instances, the PM categorizes users and ob...
David F. Ferraiolo, Serban I. Gavrila, Vincent C.
Added 26 Jun 2010
Updated 26 Jun 2010
Type Conference
Year 2005
Where SACMAT
Authors David F. Ferraiolo, Serban I. Gavrila, Vincent C. Hu, D. Richard Kuhn
Comments (0)
books