Extended Role Based Access Control with Procedural Constraints for Trusted Operating Systems

Authors: Wook Shin, Jong-Youl Park, Dong-Ik Lee

DOI: 10.1093/IETISY/E88-D.3.619

Keywords:

Abstract: The current scheme of access control judges the legality of each access based on immediate information, without considering associated information hidden in a series of accesses. Due to this deficiency, access control systems do not efficiently limit attacks that consist of ordinary operations. For trusted operating system developments, we extended RBAC and added negative procedural constraints to refuse those attacks. With the constraints, access control can discriminate attack trials from normal behaviors. This paper shows the specification of the concept and model, and presents simple analysis results.
