Information Assurance through Access Control Policies: A Comprehensive Study

  IJCOT-book-cover
 
International Journal of Computer & Organization Trends  (IJCOT)          
 
© 2014 by IJCOT Journal
Volume - 4 Issue - 2
Year of Publication : 2014
Authors :  R.GnanaJeyaraman , Dr. D. Gunaseelan , P.K. Kumaresan
DOI :  10.14445/22492593/IJCOT-V6P307

Citation

R.GnanaJeyaraman , Dr. D. Gunaseelan , P.K. Kumaresan. "Information Assurance through Access Control Policies: A Comprehensive Study", International Journal of Computer & organization Trends (IJCOT), V4(2):30-32 Mar - Apr 2014, ISSN:2249-2593, www.ijcotjournal.org. Published by Seventh Sense Research Group.

Abstract

The real essence of information sharing is to let the correct information timely reach the appropriate receiver, at the right place and in an understandable format. The objective of this paper is to study about the different Access control policies that have been proposed so far for the static and dynamic environment to ensure secured information sharing.

References

[1] Anna Ferrreira, Ricardo Joao Cruz Correia, Luis Antunes 002, Pedro Farinha, E. Oliveira-Palhares, David W.Chadwick, Altamiro da Costa Pereira”, How to Break Access Control in a Controlled Manner” 2006 Proceedings 19th IEEE International Symposium on Computer-Based Medical Systems (CBMS)
[2] Anna Lisa Ferrara , P. Madhusudan, and G. Parlato Policy Analysis for Self-Administrated Role-Based Access Control, 19th Int`l Conference on Tools and Algorithms for the Construction and Analysis of Systems - TACAS 2013, Rome, Italy, 2013.
[3] Brucker, Achim D.; Petritsch, Helmut (2009). "Extending Access Control Models with Break-glass.". ACM symposium on access control models and technologies (SACMAT). ACM Press. pp. 19706
[4] Carminati, B.; Ferrari, E.; Guglielmi, M. "SHARE: Secure information sharing framework for emergency management", Data Engineering (ICDE), 2013 IEEE 29th International Conference on,On page(s): 1336 - 1339
[5] Carminati, B.; Ferrari, E.; Guglielmi, M. "Secure Information Sharing on Support of Emergency Management", Privacy, security, risk and trust (passat), 2011 ieee third international conference on and 2011 ieee third international conference on social computing (socialcom), On page(s): 988 – 995
[6] J. Crampton and G. Loizou. Administrative scope: A foundation for role-based administrative models. ACM Transactions on Information and System Security, 6(2):201–231, 2003.
[7] M.L. Damiani, E. Bertino, C. Silverstri, “ Spatial Domains for the Administration of Location-based Access control Policies”, Journal of Network and System Management, Springer, Sept 2008.
[8] Eric Freudenthal, Tracy Pesin, Lawrence Port, Edward Keenan, and Vijay Karamcheti , “dRBAC: Distributed Role-based Access Control for Dynamic Coalition Environments “, ICDCS `02 Proceedings of the 22 nd International Conference on Distributed Computing Systems (ICDCS`02) Page 411
[9] Ferreira, A. and Chadwick, D.W. and Farinha, P. et al. (2009) How to securely break into RBAC: the BTG-RBAC model. In: Computer Security Applications Conference, 2009. ACSAC`09. Annual, December 7–11, 2009, Honolulu, Hawaii, USA.
[10] Gunti, N.; Weiqing Sun; Niamat, M. "I-RBAC: Isolation enabled role-based access control", Privacy, Security and Trust (PST), 2011 Ninth Annual International Conference on, On page(s): 79 – 86
[11] Liang Chen, Jason Crampton, “Risk-Aware Role-Based Access Control” 7th International Workshop, STM 2011, Copenhagen, Denmark, June 27-28, 2011 .
[12] Lingyu Wang, Duminda Wijesekera†, and Sushil Jajodia “A logic-based framework for attribute based access control”, Proceedings of the 2004 ACM workshop on Formal methods in security Engineering Pages 45 - 55
[13] Ngajyothi Gunti, Weiqing Sun, and Mohammed Niamat , “I-RBAC: Isolation Enabled Role-Based Access Control”, Ninth Annual Conference on Privacy, Security and Trust (PST 2011) Montreal, Quebec, Canada, July 19-21, 2011.
[14] Richard Kuhn, Edward J. Coyne, Timothy R. Weil, "Adding Attributes to Role-Based Access Control," Computer, vol. 43, no. 6, pp. 79-81, June 2010, doi:10.1109/MC.2010.155
[15] Scott D. Stoller, Ping Yang, Mikhail Gofman, and C. R. Ramakrishnan. Symbolic Reachability Analysis for Parameterized Administrative Role Based Access Control. Computers & Security 30(2-3):148-164, March-May 2011, Elsevier.
[16] Xin Jin, Ravi Sandhu and Ram Krishnan, RABAC: Role-Centric Attribute-Based Access Control. In Proceedings 6th International Conference, on Mathematical Methods, Models, and Architectures for Computer Network Security, MMM-ACNS 2012, St. Petersburg, Russia, October 17-20, 2012, pages 84-96.

Keywords
Access control, Access control policies, tacp, Information sharing