Groupability in security policy models

Abstract

Dynamic policy supporting and authorization granularity are two key issues in access control. Present researches only compared the expressiveness of policies, but never considered the policy's structure and the granularity of authorization, which makes it difficult to support the dynamic policy and satisfy the least privilege requirement. As this paper points out that Lampson's access matrix is the most fine-grained access control model, the other security policies need to group access matrix according to their different application requirements. By defining a descriptive framework of Groupability Basing on Security Labels (GroSeLa), generic security policies can be mapped into Lampson's access matrix. GroSeLa framework consists of a set of fundamental components and an extension. The fundamental components give all policy's structure for grouping matrix, and the extension reveals all necessary administrative requirements for supporting dynamic policy completely. Based on GroSeLa, this paper proposes five grouping dimensions for evaluating security policies, including grouping factors, dynamic factors, policy scale, authorization granularity and separation of duty supporting. The paper also compares four classic security policies, namely ACL (access control list), BLP (Bell LaPadula), DTE (domain and type enforcement) and RBAC (role-based access control). To the best of these knowledge, it is studied that the difference on expressiveness, usability and authorization granularity of different security policies are from the aspect of grouping access matrix. © by Institute of Software, the Chinese Academy of Sciences.