Organization based access control

Anas Abou El Kalam,Rania El Baida,Philippe Balbiani,Salem Benferhat,Frédéric Cuppens,Yves Deswarte,Alexandre Miège,Claire Saurel,Gilles Trouessin

Organization based access control

2003

Anas Abou El Kalam
Rania El Baida
Philippe Balbiani
Salem Benferhat
Frédéric Cuppens
Yves Deswarte
Alexandre Miège
Claire Saurel
Gilles Trouessin

None of the classical access control models such as DAC, MAC, RBAC, TBAC or TMAC is fully satisfactory to model security policies that are not restricted to static permissions but also include contextual rules related to permissions, prohibitions, obligations and recommendations. This is typically the case of security policies that apply to the health care domain. We suggest a new model that provides solutions to specify such contextual security policies. This model, called organization based access control, is presented using a formal language based on first-order logic.

Keywords:

Computer security model
Management science
Information security
Security policy
Information system
Formal language
Knowledge management
Access control
Role-based access control
Context model
Computer science
Permission
Computer security

Correction
Source
Cite
Save
Machine Reading By IdeaReader

References

524

Citations