, C.
, Frincke, D.
and Ferraiolo, D.
(2001),
The Policy Machine for Security Policy Management, International Conference of Computational Science 2001, [online], https://doi.org/10.1007/3-540-45718-6_54
(Accessed April 25, 2024)
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
The Policy Machine for Security Policy Management
Published
Author(s)
, Deborah A. Frincke,
Abstract
Many different access controls policies and models have been developed to suit a variety of goals: these include Role-Based Access Control, One-directional Information Flow, Chinese Wall, Clark-Wilson, N-person Control, and DAC, in addition to more informal ad hoc policies. While each of these policies has a particular area of strength, the notational differences between these policies are substantial. As a result it is difficult to combine them, both in making formal statements which are based on differing models and in using more than one access control policy model within a given system. Thus, there is a need for a unifying formalism which is general enough to encompass a range of these policies and models. In this paper, we propose an open security architecture called the Policy Machine(PM) that would meet this need. We also provide examples showing how the PM specifies and enforces access control policies.Volume
2074
Conference Dates
May 28-30, 2001
Conference Title
International Conference of Computational Science 2001
Pub Type
Conferences
Download Paper
Keywords
access control models, access control policies, Policy Machine
Citation
Created July 17, 2001, Updated November 10, 2018