constraints on time attributes associated with subjects and objects, and a reference
time interval such as time of access.
Several areas related to TIAC are still being investigated. We are considering the
formal semantics for creating and deleting temporal authorizations as well as the
policy implications of the tranquility of temporal attributes associated with subjects
and objects. In general, a set of mode-ϕ pairs can be associated with each
subject-object pair in order to be able to express a different policy for each mode of
access, but that extension to the TIAC model is left for future work.
We also plan to generalize this model so that it could specify an access request that
uses a reference time interval other than the current time, which would allow the
model to check for previous, current, and future authorizations. This research is also
being extended to determine a set of useful temporal access control policies that can
be expressed using the TIAC model. Finally, we are considering other enhancements
to the TIAC model that involve extending the TIAC model concept to support the
specification of event-based security policies.