Skip to main content
Conference ProceedingsOPEN ACCESS

Application-sensitive access control evaluation using parameterized expressiveness

Proceedings of the Computer Security Foundations Workshop (2013) 145-160
DOI: 10.1109/CSF.2013.17
19Citations
Citations of this article
17Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

Access control schemes come in all shapes and sizes, which makes choosing the right one for a particular application a challenge. Yet today's techniques for comparing access control schemes completely ignore the setting in which the scheme is to be deployed. In this paper, we present a formal framework for comparing access control schemes with respect to a particular application. The analyst's main task is to evaluate an access control scheme in terms of how well it implements a given access control workload (a formalism that we introduce to represent an application's access control needs). One implementation is better than another if it has stronger security guarantees, and in this paper we introduce several such guarantees: correctness, homomorphism, AC-preservation, safety, administration-preservation, and compatibility. The scheme that admits the implementation with the strongest guarantees is deemed the best fit for the application. We demonstrate the use of our framework by evaluating two workloads on ten different access control schemes. © 2013 Authors, as per new IEEE copyright agreement.

References Powered by Scopus

Protection in Operating Systems

Communications of the ACM
717Citations
N/AReaders
Get full text

Configuring Role-Based Access Control to Enforce Mandatory and Discretionary Access Control Policies

ACM Transactions on Information and System Security
450Citations
N/AReaders
Get full text

A logical framework for reasoning about access control models

ACM Transactions on Information and System Security
142Citations
N/AReaders
Get full text
View more at Scopus

Cited by Powered by Scopus

On the Practicality of Cryptographically Enforcing Dynamic Access Control Policies in the Cloud

Proceedings - 2016 IEEE Symposium on Security and Privacy, SP 2016
59Citations
N/AReaders
Get full text

Industrial cybersecurity: Improving security through access control policy models

IEEE Industrial Electronics Magazine
23Citations
N/AReaders
Get full text

Crypt-DAC: Cryptographically Enforced Dynamic Access Control in the Cloud

IEEE Transactions on Dependable and Secure Computing
21Citations
N/AReaders
Get full text
View more at Scopus

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Cite

CITATION STYLE

APA

Hinrichs, T. L., Martinoia, D., Garrison, W. C., Lee, A. J., Panebianco, A., & Zuck, L. (2013). Application-sensitive access control evaluation using parameterized expressiveness. In Proceedings of the Computer Security Foundations Workshop (pp. 145–160). https://doi.org/10.1109/CSF.2013.17

Readers' Seniority

Tooltip

PhD / Post grad / Masters / Doc 9

69%

Researcher 3

23%

Professor / Associate Prof. 1

8%

Readers' Discipline

Tooltip

Computer Science 10

71%

Engineering 3

21%

Physics and Astronomy 1

7%

Save time finding and organizing research with Mendeley

Sign up for free