1
Recent Advances in Access Control
S. De Capitani di Vimercati, S. Foresti, and P. Samarati
Dipartimento di Tecnologie dell'Informazione
Università degli Studi di Milano
26013 Crema, Italy
{decapita,foresti,samarati}@dti.unimi.it
Summary. Access control is the process of mediating every request to resources
and data maintained by a system and determining whether the request should be
granted or denied. Traditional access control models and languages prove limiting
for emerging scenarios, whose open and dynamic nature requires the development
of new ways of enforcing access control. Access control is thus evolving with the
complex open environments that it supports, where the decision to grant an access
may depend on the properties (attributes) of the requestor rather than her identity
and where the access control restrictions to be enforced may come from different
authorities. These issues pose several new challenges to the design and
implementation of access control systems. In this chapter, we present the emerging
trends in the access control field to address the new needs and desiderata of
today's systems.
1 Introduction
Information plays an important role in any organization, and its protection
against unauthorized disclosure (secrecy) and unauthorized or improper
modifications (integrity), while ensuring its availability to legitimate users
(no denials-of-service), is becoming of paramount importance. An important
service in guaranteeing information protection is the access control service.
Access control is the process of mediating every request to resources and data
maintained by a system and determining whether the request should be
granted or denied. An access control system can be considered at three
different abstractions of control: access control policy, access control model, and
access control mechanism. A policy defines the high level rules used to verify
whether an access request is to be granted or denied. A policy is then
formalized through a security model and is enforced by an access control mechanism.
The separation between policies and mechanisms has a number of advantages.
First, it is possible to discuss protection requirements independently of their
implementation. Second, it is possible to compare different access control
policies as well as different mechanisms that enforce the same policy. Third, it is
possible to design access control mechanisms able to enforce multiple policies.
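
The separation described above, as an added example that is not part of the original chapter: one enforcement mechanism mediates every request and is handed either an identity-based or an attribute-based policy. All names (Request, Mechanism, identity_policy, attribute_policy) and the sample data are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass
from typing import Callable

@dataclass(frozen=True)
class Request:
    subject: str        # requester identity
    attributes: dict    # requester properties (constructed sample data)
    action: str
    resource: str

# A policy is the high-level rule: Request -> True (grant) / False (deny).
Policy = Callable[[Request], bool]

def identity_policy(acl: dict) -> Policy:
    """Identity-based: grant only if (subject, action) is listed for the resource."""
    def decide(req: Request) -> bool:
        return (req.subject, req.action) in acl.get(req.resource, set())
    return decide

def attribute_policy(required: dict, actions: set) -> Policy:
    """Attribute-based: grant if the requester holds every required attribute value."""
    def decide(req: Request) -> bool:
        return req.action in actions and all(
            req.attributes.get(k) == v for k, v in required.items())
    return decide

class Mechanism:
    """Enforcement point: mediates every request, knows nothing about rule content."""
    def __init__(self, policy: Policy):
        self.policy = policy
        self.audit = []     # one record per mediated request

    def access(self, req: Request) -> bool:
        try:
            granted = bool(self.policy(req))
        except Exception:
            granted = False  # fail closed: a policy error is a denial
        self.audit.append((req.subject, req.action, req.resource, granted))
        return granted

# Constructed sample data: the same mechanism class enforces two different policies.
ACL = {"payroll.db": {("alice", "read")}}
by_identity = Mechanism(identity_policy(ACL))
by_attribute = Mechanism(attribute_policy({"role": "auditor"}, {"read"}))

alice = Request("alice", {"role": "clerk"}, "read", "payroll.db")
carol = Request("carol", {"role": "auditor"}, "read", "payroll.db")
```

Swapping the policy changes who is granted access without touching the enforcement code, which is the third advantage listed above.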