A formal model for access control with supporting spatial context

There is an emerging recognition of the importance of utilizing contextual informa tion in authorization decisions. Controlling access to resources in the field of wireless and mobile networking require the definition of a formal model for access control with supporting spatial context. However, traditional RBAC model does not specify these spatial requirements. In this paper, we extend the existing RBAC model and propose the SC-RBAC model that utilizes spatial and location-based information in security policy definitions. The concept of spatial role is presented, and the role is assigned a logical location domain to specify the spatial boundary. Roles are activated based on the current physical position of the user which obtained from a specific mobile terminal. We then extend SC-RBAC to deal with hierarchies, modeling permission, user and activation inheritance, and prove that the hierarchical spatial roles are capable of constructing a lattice which is a means for articulate multi-level security policy and more suitable to control the information flow security for safety-critical location-aware information systems. Next, constrained SC-RBAC allows express various spatial separations of duty constraints, location-based cardinality and temporal constraints for specify fine-grained spatial semantics that are typical in location-aware systems. Finally, we introduce 9 invariants for the constrained SC-RBAC and its basic security theorem is proven. The constrained SC-RBAC provides the foundation for applications in need of the constrained spatial context aware access control.     

Provably Secure Role-Based Encryption with Revocation Mechanism

Role-Based Encryption (RBE) realizes access control mechanisms over encrypted data according to the widely adopted hierarchical RBAC model.In this paper,we present a practical RBE scheme with revocation mechanism based on partial-order key hierarchy with respect to the public key infrastructure,in which each user is assigned with a unique private-key to support user identification,and each role corresponds to a public group-key that is used to encrypt data.Based on this key hierarchy structure,our RBE scheme allows a sender to directly specify a role for encrypting data,which can be decrypted by all senior roles,as well as to revoke any subgroup of users and roles.We give a full proof of security of our scheme against hierarchical collusion attacks.In contrast to the existing solutions for encrypted file systems,our scheme not only supports dynamic joining and revoking users,but also has shorter ciphertexts and constant-size decryption keys.     

A method for trust management in cloud computing: Data coloring by cloud watermarking

With the development of Internet technology and human computing, the computing environment has changed dramatically over the last three decades. Cloud computing emerges as a paradigm of Internet computing in which dynamical, scalable and often virtualized resources are provided as services. With virtualization technology, cloud computing offers diverse services (such as virtual computing, virtual storage, virtual bandwidth, etc.) for the public by means of multi-tenancy mode. Although users are enjoying the capabilities of super-computing and mass storage supplied by cloud computing, cloud security still remains as a hot spot problem, which is in essence the trust management between data owners and storage service providers. In this paper, we propose a data coloring method based on cloud watermarking to recognize and ensure mutual reputations. The experimental results show that the robustness of reverse cloud generator can guarantee users embedded social reputation identifications. Hence, our work provides a reference solution to the critical problem of cloud security.     

Extracting objects from Ada83 programs: A case study

Reengineering legacy systems written in conventional procedural languages to equivelent OO systms makes software more maintainable and reliable.This paper proposes a method for extracting objects from legacy Ada83 systems using module features.Firest.metrics are developed to measure module cohesion.Then,effects on cohesion from changing module components are analyzed and rules about how to extract inheritance relations among objects are given.At the end of this paper,an object-extracting algorithm usin module features is proposed.     

Research on the logic coverage method of white-box testing

Software testing is an effective and direct way to improve the reliability of software. This paper presents a class of white-boxes testing methods-the logic coverage testing methods, and discuses how to design testing cases of the various programmes by using condition coverage method with examples. And makes condition coverage method, statement coverage method and decision coverage method in-depth and detailed comparison. At last, analyzes the current software testing methods.     

Call for Papers of Software Process Workshop 2005

The expanding role of software and information systems in the world has focused increasing attention upon the need for assurances that software systems can be developed at acceptable speed and cost, on a predictable schedule, and in such a way that resulting systems are of acceptably high quality and can be evolved surely and rapidly as usage contexts change. This sharpened focus is creating new challenges and opportunities for software process technology. The increasing pace of software system change requires more lightweight and adaptive processes, while the increasing mission-criticality of software system srequires more process predictability and control, as well as more explicit attention to business or mission values. A major goal of this workshop will be to suggest ways in which to integrate two complementary lines of research to create a rigorous, orderly discipline of software process engineering. This integration could suggest, for example, how high level process behaviors might be predicted, and modified, through lower level analyses and optimizations.     

基于角色访问控制模型及其在操作系统中的实现

Since Role-based access control shows great advantage in meeting the security need in large-scale, enter-prise-wide system, RBAC becomes the hot topic in access control research area. Researchers have proposed several RBAC models, which include the famous RBAC96 model. However, these frameworks are sometimes hard for sys-tem developers to underst and because the models defined are too abstract or focus on application-oriented solutions.In this paper, a new model (OSRBAC) is discussed, which is the improved model to RBAC3 model in RBAC96 modelfamily. Compared with RBAC3 model, OSRBAC model is more concrete and easilier to understand. At the end, this paper describes the implementation of OSRBAC model in RedFlag Secure Operating System(RFSOS).     

BD-UIMS:How It Supports Semantic Feedback and Direct Manipulation

In this paper we present some results from our research on representation methods an architectural model of UIMS,suitable for accommodating various interactive styles.By roughly describing an experimental system of BD-UIMS,we lay emphasis on how to support irect manipulation and semanticfeedback,Particular attention is given to a simple conceptual model of user interface as well.Based on this model,the designing process of user interface is rather easy.Although current work is under DOS environment,the approach of transplanting it to UNIX is being developed.     

A new formal model for privilege control with supporting POSIX capability mechanism

In order to enforce the least privilege principle in the operating system, it is necessary for the process privilege to be effectively controlled; but this is very difficult because a process always changes as time changes. In this paper, based on the analysis on how the process privilege is generated and how it works, a hierarchy implementing the least privilege principle with three layers, i.e. administration layer, functionality control layer and performance layer, is posed. It is clearly demonstrated that to bound privilege's working scope is a critical part for controlling privilege, but this is only mentioned implicitly while not supported in POSIX capability mechanism. Based on analysis of existing control mechanism for privilege, not only an improved capability inheritance formula but also a new complete formal model for controlling process based on integrating RBAC, DTE, and POSIX capability mechanism is introduced. The new invariants in the model show that this novel privilege control mechanism     

Image categorization using a semantic hierarchy model with sparse set of salient regions

Image categorization in massive image database is an important problem. This paper proposes an approach for image categorization, using sparse set of salient semantic information and hierarchy semantic label tree （HSLT） model. First, to provide more critical image semantics, the proposed sparse set of salient regions only at the focuses of visual attention instead of the entire scene was formed by our proposed saliency detection model with incorporating low and high level feature and Shotton＇s semantic texton forests （STFs） method. Second, we also propose a new HSLT model in terms of the sparse regional semantic information to automatically build a semantic image hierarchy, which explicitly encodes a general to specific image relationship. And last, we archived image dataset using image hierarchical semantic, which is help to improve the performance of image organizing and browsing. Extension experimefital results showed that the use of semantic hierarchies as a hierarchical organizing frame- work provides a better image annotation and organization, improves the accuracy and reduces human＇s effort.     

扩充角色层次关系模型及其应用

基于网络的大规模软件应用系统面临着日益复杂的数据资源安全管理的难题.基于角色的访问控制方法(role-based access control,简称RBAC)实现用户与访问权限的逻辑分离和构造角色之间的层次关系,从而方便了数据的安全管理.该文在RBAC96模型的基础上,对角色之间的层次关系进行了扩充,定义了角色的公共权限和私有权限,引入了一般继承和扩展继承机制,形成了一个能描述复杂层次关系的角色访问控制模型EHRBAC(extended hierarchy role-based access contro     

角色访问控制

1 引言角色访问控制是一种介于传统的自主访问控制和强制访问控制机制之间的安全策略,越来越引起人们的重视。角色访问控制机制很自然映射到组织机构中,每个用户可以赋予一些角色,每个角色负责一些任务。在最近20年中,角色访问控制机制已经有各种不同形式的应用。本文介绍Sandhu在96年提出的角色访问控制形式化的定义和模型,指出了角色访问控制和用户组的不同之处,并结合Sandhu提出的模型,给出了角色继承和角色限制的定义以及形式化的描述,对角色限制中最重要的部分也就是任务分离作了详细的介绍。     

RBAC模型的角色层次关系及授权管理研究

针对RBAC96模型簇中角色私有权限处理存在的不足,本文提出把角色权限分为私有权限和公有权限;并且,在角色权限继承时,保证了角色的私有权限不被高层次的角色继承,高级角色只能继承低级角色的公有权限部分。针对RBAC96簇模型的普通角色继承所存在权限不能及时授予与回收的问题,给出了一种面向任务的RBAC策略方案,从而使得RBAC模型
更好地发挥其优势。     

一种新的访问控制模型--TBPM-RBAC

基于角色的访问控制RBAC(role—based access control)能够降低访问控制管理工作的复杂性,但是要在RBAC申高效合理地为角色配置权限仍然具有一定的难度,而且RBAC不适合处理存在依赖和时序关系的访问控制。本文通过在RBAC中引入任务机制解决以上两点困难,即权限被授予任务,任务被授予角色,角色只能使用它正在执行的任务所允许的权限。提出了TBPM-RBAC(task—based permissions management in RBAC)模型,给出了模型的定义,对模型进行了分析并给出了模型的两个应用示例。     

校园网中的Role-based Access Control模型设计

介绍了如何将Role-based Access Control(RBAC)模型应用于校园网的访问控制系统中。其特点是通过分配和取消角色来完成用户权限的授予和取消，并且提供了角色分配规则和操作检查规则。安全管理人员根据需要定义各种角色，并设置合适的访问权限，而用户根据其责任和资历被指派为不同的角色。根据系统的实际需求，创建了一个带有简单层次的RBAC模型。     

基于RBAC模型的用户权限在OA中的研究

本文阐述了RBAC模型的基本原理,并针对OA系统权限管理所遇到的问题,提出了基于RBAC的用户权限管理的解决方案。将RBAC运用到OA的用户访问权限管理中,增强了系统信息的安全性。本OA系统基于B/S架构,在一定程度上保证了权限管理的质量,有效地解决了OA系统权限的管理问题。     

一个改进的角色层次化关系模型及其应用

该文针对传统的RBAC模型的不足,提出私有权限、公有权限和特征权限等概念,且提出一般继承、私有化继承、公有化继承和无特征继承等角色继承方式,并基于这些新的概念和方法建立了一个改进的角色层化关系模型。应用实例说明,新模型在描述同样的角色层次关系时角色数量比传统模型要少,因而比传统模型更加简化和直观,特别适合于在大型角色层次关系情况下的应用。     

基于XML图的RBAC模型研究

针对传统XML描述的基于角色的访问控制(RBAC)模型在角色权限继承、约束方面支持的不足,提出了一种基于XML图的RBAC3模型。该模型通过属性引用的方式实现了多重继承并引入面向对象中私有继承的概念,使角色的私有权限得到保护。同时,通过引入互斥权限的概念简化了责任分离的实现。     

基于RBAC/CORBA安全访问实现技术研究

RBAC(基于角色的访问控制)是一种以角色为中心、用户和权限皆与角色关联的访问控制模型，可以简化用户权限的指派。CORBA Security服务模型是一个规范，它将访问控制策略完全留给安全管理员制定，即策略的具体组织方式由管理员安排。因此将CORBA Security服务与RBAC的访问控制模型结合在一起可以提高访问控制策略管理的效率。     

An object-oriented organizational model to support dynamic role-based access control in electronic commerce

Role-based access control (RBAC) provides flexibility to security management over the traditional approach of using user and group identifiers. In RBAC, access privileges are given to roles rather than to individual users. Users acquire the corresponding permissions when playing different roles. Roles can be defined simply as a label, but such an approach lacks the support to allow users to automatically change roles under different contexts; using static method also adds administrative overheads in role assignment. In electronic commerce (E-Commerce) and other cooperative computing environments, access to shared resources has to be controlled in the context of the entire business process; it is therefore necessary to model dynamic roles as a function of resource attributes and contextual information.In this paper, an object-oriented organizational model, Organization Modeling and Management (OMM), is presented as an underlying model to support dynamic role definition and role resolution in E-Commerce solution. The paper describes the OMM reference model and shows how it can be applied flexibly to capture the different classes of resources within a corporation, and to maintain the complex and dynamic roles and relationships between the resource objects. Administrative tools use the role model in OMM to define security policies for role definition and role assignment. At runtime, the E-Commerce application and the underlying resource manager queries the OMM system to resolve roles in order to authorize any access attempts. Contrary to traditional approaches, OMM separates the organization model from the applications; thus, it allows independent and flexible role modeling to support realistically the dynamic authorization requirements in a rapidly changing business world.