Tees confidentiality model (TCM2): Supporting dynamic authorization and overrides in attribute- based access control

Jim Longstaff, Tony Howitt

    Research output: Chapter in Book/Report/Conference proceedingChapter

    1 Citation (Scopus)

    Abstract

    We present a new model for attribute-based access control (ABAC) called Tees Confidentiality Model version 2 (TCM2). The model handles negative permissions and overrides in a single permission processing mechanism. We formally specify this mechanism using the B-Method, thus indicating how permissions are constructed. TCM2 extends the approaches of ABAC and parameterized role-based access control (RBAC) in that users, operations, and protected objects have properties, which we call classifiers. The simplest form of a classifier is an attribute, as defined for users in ABAC; additional information is also handled by classifiers. Classifier values themselves are hierarchically structured. A permission consists of a set of classifier values, and permissions review/determining an individual’s risk exposure is carried out by database querying. We illustrate this using a health records scenario. The model has general applicability to areas where tightly controlled sharing of data and applications, with well-defined overrides, is required.

    Original languageEnglish
    Title of host publicationCase Studies in Secure Computing
    Subtitle of host publicationAchievements and Trends
    PublisherCRC Press
    Pages89-110
    Number of pages22
    ISBN (Electronic)9781482207071
    ISBN (Print)9781482207064
    DOIs
    Publication statusPublished - 1 Jan 2014

    Fingerprint

    Dive into the research topics of 'Tees confidentiality model (TCM2): Supporting dynamic authorization and overrides in attribute- based access control'. Together they form a unique fingerprint.

    Cite this