Extended Role Based Access Control with Procedural Constraints for Trusted Operating Systems

Wook SHIN  Jong-Youl PARK  Dong-Ik LEE  

IEICE TRANSACTIONS on Information and Systems   Vol.E88-D   No.3   pp.619-627
Publication Date: 2005/03/01
Online ISSN: 
DOI: 10.1093/ietisy/e88-d.3.619
Print ISSN: 0916-8532
Type of Manuscript: PAPER
Category: Application Information Security
trusted operating system,  security kernel,  reference monitor,  secure operating system,  access control,  RBAC,  procedural constraints,  

Full Text: PDF(817.3KB)>>
Buy this Article

The current scheme of access control judges the legality of each access based on immediate information without considering associate information hidden in a series of accesses. Due to the deficiency, access control systems do not efficiently limit attacks consist of ordinary operations. For trusted operating system developments, we extended RBAC and added negative procedural constraints to refuse those attacks. With the procedural constraints, the access control of trusted operating systems can discriminate attack trials from normal behaviors. This paper shows the specification of the extended concept and model, and presents simple analysis results.