Label-Based Access Control Policy Enforcement and Management

null Wei Zhou; V.h. Raja; C. Meinel; M. Ahmad

doi:10.1109/SNPD-SAWN.2006.45

Label-Based Access Control Policy Enforcement and Management

Wei Zhou, V.h. Raja, C. Meinel, M. Ahmad

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

150 Downloads (Pure)

Abstract

To effectively participate in modern collaborations, member organizations must be able to share specific data and functionality with collaboration partners, while ensuring their resources are safe from inappropriate access. This requires access control models, policies, and enforcement mechanisms for the shared resources. This paper specifically addresses how to reduce the information leaks caused by authorization policies used in collaborative computing environment. The basic principle is defining some labels that specify the information flow constraints, and assigning them to authorization policy components. The usages of labeled policy components must obey the information fiows constraints defined by the labels in order to avoid authorization policy components being misused. This label can also improve the authorization policy administration.

Original language	English
Title of host publication	Proceedings of the 7th ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing
Publisher	IEEE
Pages	395-400
ISBN (Print)	0-7695-2611-X
DOIs	https://doi.org/10.1109/SNPD-SAWN.2006.45
Publication status	Published - 20 Jun 2006

Bibliographical note

Author can archive publisher's version/PDF. For full details see http://www.sherpa.ac.uk/romeo/ [Accessed 29/04/2010]

Access to Document

10.1109/SNPD-SAWN.2006.45

Accepted manuscriptAccepted author manuscript, 173 KBLicence: CC BY-NC-ND

http://ieeexplore.ieee.org/document/1640723/

Fingerprint Dive into the research topics of 'Label-Based Access Control Policy Enforcement and Management'. Together they form a unique fingerprint.

Cite this

@inproceedings{e70429fcdb0046f5abdb32f20bad0e58,

title = "Label-Based Access Control Policy Enforcement and Management",

abstract = " To effectively participate in modern collaborations, member organizations must be able to share specific data and functionality with collaboration partners, while ensuring their resources are safe from inappropriate access. This requires access control models, policies, and enforcement mechanisms for the shared resources. This paper specifically addresses how to reduce the information leaks caused by authorization policies used in collaborative computing environment. The basic principle is defining some labels that specify the information flow constraints, and assigning them to authorization policy components. The usages of labeled policy components must obey the information fiows constraints defined by the labels in order to avoid authorization policy components being misused. This label can also improve the authorization policy administration.",

author = "{Wei Zhou} and V.h. Raja and C. Meinel and M. Ahmad",

note = " Author can archive publisher's version/PDF. For full details see http://www.sherpa.ac.uk/romeo/ [Accessed 29/04/2010]",

year = "2006",

month = jun,

day = "20",

doi = "10.1109/SNPD-SAWN.2006.45",

language = "English",

isbn = " 0-7695-2611-X",

pages = "395--400",

booktitle = "Proceedings of the 7th ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing",

publisher = "IEEE",

}

Label-Based Access Control Policy Enforcement and Management. / Wei Zhou; Raja, V.h.; Meinel, C.; Ahmad, M.

Proceedings of the 7th ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing. IEEE, 2006. p. 395-400.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Label-Based Access Control Policy Enforcement and Management

AU - Wei Zhou, null

AU - Raja, V.h.

AU - Meinel, C.

AU - Ahmad, M.

N1 - Author can archive publisher's version/PDF. For full details see http://www.sherpa.ac.uk/romeo/ [Accessed 29/04/2010]

PY - 2006/6/20

Y1 - 2006/6/20

N2 - To effectively participate in modern collaborations, member organizations must be able to share specific data and functionality with collaboration partners, while ensuring their resources are safe from inappropriate access. This requires access control models, policies, and enforcement mechanisms for the shared resources. This paper specifically addresses how to reduce the information leaks caused by authorization policies used in collaborative computing environment. The basic principle is defining some labels that specify the information flow constraints, and assigning them to authorization policy components. The usages of labeled policy components must obey the information fiows constraints defined by the labels in order to avoid authorization policy components being misused. This label can also improve the authorization policy administration.

AB - To effectively participate in modern collaborations, member organizations must be able to share specific data and functionality with collaboration partners, while ensuring their resources are safe from inappropriate access. This requires access control models, policies, and enforcement mechanisms for the shared resources. This paper specifically addresses how to reduce the information leaks caused by authorization policies used in collaborative computing environment. The basic principle is defining some labels that specify the information flow constraints, and assigning them to authorization policy components. The usages of labeled policy components must obey the information fiows constraints defined by the labels in order to avoid authorization policy components being misused. This label can also improve the authorization policy administration.

U2 - 10.1109/SNPD-SAWN.2006.45

DO - 10.1109/SNPD-SAWN.2006.45

M3 - Conference contribution

SN - 0-7695-2611-X

SP - 395

EP - 400

BT - Proceedings of the 7th ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing

PB - IEEE

ER -