An operation-control scheme for authorization in computer systems

The access-control authorization scheme, which is being used for the protection of operating systems, is found to be inadequate in other areas, such as in databases and information systems. A new authorization scheme, which is a natural extension of access control, is proposed. The new scheme, which is called operation control, is shown to be superior to the accesscontrol scheme in a number of ways. In particular, it facilitates more natural and efficient representations of policies, particularly the type of complex policies that appear in information systems, it facilitates enforcement by compile-time validation due to a greater stability of authority states, and it reduces the need for revocation.This work was partially supported by Grant DAHCIS-73-G6 of the Advanced Research Project Agency of the US government. This paper is a modified version of the paper An Activator-based protection scheme, July 1976 (SOSAP-TR-25).