Temporal Access Control based on Multiple Subjects
In the traditional history-based access control model, the policy is designed regarding only one subject. This policy is vulnerable, because if multi-subjects who have common interests collaborate, the access control may be bypassed. In addition, designing policy for multi-subjects access is indispensable for many online applications. Towards this problem, a temporal access control based on multisubjects is proposed in this paper. The main idea is to make decision of access according to active multi-subjects history executions. A policy language is introduced and its syntax and semantics are defined formally. Finally, a policy verification algorithm is given and an example is used to illustrate it.
access control multi-subjects temporal access operation history
Changzheng Xu Qingxian Wang Weiming Zhang Yali Ding
National Digital Switching System Engineering andTechnological Research Center (NDSC)Zhengzhou 45000 National Digital Switching System Engineering and Technological Research Center (NDSC) Zhengzhou 450 No.355, Rd. East Donggang, Chengguan District Lanzhou 730020, P.R.China
国际会议
武汉
英文
1120-1123
2009-11-18(万方平台首次上网日期,不代表论文的发表时间)