Comparing the Expressive Power of Access Control Models
Author
Mahesh V. Tripunitara and Ninghui Li
Tech report number
CERIAS TR 2004-10
Abstract
Comparing the expressive power of access control models is recognized as a fundamental problem in computer security. Such comparisons are generally based on simulations between different access control schemes. However, the definitions for simulations that are used in the literature make it impossible to put results and claims about the expressive power of access control models into a single context. Furthermore, some definitions for simulations used in the literature, such as those used for comparing RBAC (Role-Based Access Control) with other models, are too weak to distinguish access control models from one another in a meaningful way. We propose a theory for comparing the expressive power of access control models. We perceive access control systems as state-transition systems and require simulations to preserve security properties. We discuss the rationale behind such a theory, apply the theory to reexamine some existing work on the expressive power of access control models in the literature, and present three results. We show that: (1) RBAC with a particular administrative model from the literature (ARBAC97) is limited in its expressive power; (2) ATAM (Augmented Typed Access Matrix) is more expressive than TAM (Typed Access Matrix), thereby solving an open problem posed in the literature; and (3) a trust-management language is at least as expressive as RBAC with a particular administrative model (the URA97 component of ARBAC97).
Institution
Purdue University
Affiliation
CERIAS and Department of Computer Science
Publication Date
2004-08-01
Contents
- Access Control
- Expressive Power of Access Control Models
- Role-Based Access Control (RBAC)
- Access Matrix
- TAM and ATAM
- Role-Based Trust Management (RT)
Subject
Comparing the Expressive Power of Access Control Models