Sciweavers

SP
2005
IEEE

On Safety in Discretionary Access Control

14 years 5 months ago
On Safety in Discretionary Access Control
An apparently prevailing myth is that safety is undecidable in Discretionary Access Control (DAC); therefore, one needs to invent new DAC schemes in which safety analysis is decidable. In this paper, we dispel this myth. We argue that DAC should not be equated with the Harrison-Ruzzo-Ullman access matrix scheme [10], in which safety is undecidable. We present an efficient (running time cubic in its input size) algorithm for deciding safety in the Graham-Denning DAC scheme [8], which subsumes the DAC schemes used in the literature on comparing DAC with other access control models. We also counter several claims made in recent work by Solworth and Sloan [27], in which the authors present a new access control scheme based on labels and relabelling and assert that it can implement the full range of DAC models. We present a precise characterization of their access control scheme and show that it does not adequately capture a relatively simple DAC scheme.
Ninghui Li, Mahesh V. Tripunitara
Added 25 Jun 2010
Updated 25 Jun 2010
Type Conference
Year 2005
Where SP
Authors Ninghui Li, Mahesh V. Tripunitara
Comments (0)