
CCS
2010
ACM

Toward practical authorization-dependent user obligation systems

Many authorization system models include some notion of obligation. Little attention has been given to user obligations that depend on and affect authorizations. However, to be usable, the system must ensure users have the authorizations they need when their obligations must be performed. Prior work in this area introduced accountability properties that ensure failure to fulfill obligations is not due to lack of required authorizations. That work presented inconclusive and purely theoretical results concerning the feasibility of maintaining accountability in practice. The results of the current paper include algorithms and performance analysis that support the thesis that maintaining accountability in a reference monitor is reasonable in many applications.

Categories and Subject Descriptors K.6.5 [Management of Computing and Information Systems]: Security and Protection
General Terms Security, Theory
Keywords Obligations, RBAC, Policy, Authorization Systems, Accountability
Murillo Pontual, Omar Chowdhury, William H. Winsbo
Added 18 May 2010
Updated 18 May 2010
Type Conference
Year 2010
Where CCS
Authors Murillo Pontual, Omar Chowdhury, William H. Winsborough, Ting Yu, Keith Irwin