An operation-control scheme for authorization in computer systems |
| |
Authors: | Naftaly Minsky |
| |
Affiliation: | (1) Department of Computer Science, Rutgers University, New Brunswick, New Jersey |
| |
Abstract: | The access-control authorization scheme, which is being used for the protection of operating systems, is found to be inadequate in other areas, such as in databases and information systems. A new authorization scheme, which is a natural extension of access control, is proposed. The new scheme, which is called operation control, is shown to be superior to the accesscontrol scheme in a number of ways. In particular, it facilitates more natural and efficient representations of policies, particularly the type of complex policies that appear in information systems, it facilitates enforcement by compile-time validation due to a greater stability of authority states, and it reduces the need for revocation.This work was partially supported by Grant DAHCIS-73-G6 of the Advanced Research Project Agency of the US government. This paper is a modified version of the paper An Activator-based protection scheme, July 1976 (SOSAP-TR-25). |
| |
Keywords: | Protection access control operation control authorization operating systems information systems |
本文献已被 SpringerLink 等数据库收录! |
|