Policy Contexts: Controlling Information Flow in Parameterised RBAC

Lake Como, Italy June 04-June 06

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/POLICY.2003.1206964

Fourth IEEE International Workshop on ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Andr? Belokosztolszki Articles by David M. Eyers Articles by Ken Moody

	ASCII Text	x
	Andr? Belokosztolszki, David M. Eyers, Ken Moody, "Policy Contexts: Controlling Information Flow in Parameterised RBAC," Policies for Distributed Systems and Networks, IEEE International Workshop on, pp. 99, Fourth IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY'03), 2003.

	BibTex	x
	@article{ 10.1109/POLICY.2003.1206964, author = {Andr? Belokosztolszki and David M. Eyers and Ken Moody}, title = {Policy Contexts: Controlling Information Flow in Parameterised RBAC}, journal ={Policies for Distributed Systems and Networks, IEEE International Workshop on}, volume = {0}, year = {2003}, isbn = {0-7695-1933-4}, pages = {99}, doi = {http://doi.ieeecomputersociety.org/10.1109/POLICY.2003.1206964}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Policies for Distributed Systems and Networks, IEEE International Workshop on TI - Policy Contexts: Controlling Information Flow in Parameterised RBAC SN - 0-7695-1933-4 SP EP A1 - Andr? Belokosztolszki, A1 - David M. Eyers, A1 - Ken Moody, PY - 2003 KW - null VL - 0 JA - Policies for Distributed Systems and Networks, IEEE International Workshop on ER -

Andr? Belokosztolszki, University of Cambridge Computer Laboratory

David M. Eyers, University of Cambridge Computer Laboratory

Ken Moody, University of Cambridge Computer Laboratory

Many RBAC models have augmented the fundamental requirement of a role abstraction with features such as parameterised roles and environment-aware policy. This paper examines the potential for unintentional leakage of information during RBAC policy enforcement, either through the exchange of parameters with external services when checking environmental conditions, or through a policy design which does not appropriately separate policy subsections with different basic purposes. We propose a simple, robust mechanism for handling these problems, and illustrate our approach with a current application of our OASIS RBAC system.

Citation:

Andr? Belokosztolszki, David M. Eyers, Ken Moody, "Policy Contexts: Controlling Information Flow in Parameterised RBAC," policy, pp.99, Fourth IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY'03), 2003

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.