By Topic

An extended capability architecture to enforce dynamic access control policies

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
I-Lung Kao ; Distributed Syst. Services, IBM Corp., Austin, TX, USA ; Chow, R.

Capability has been widely used as a fundamental mechanism for access control in distributed systems. When an object manager receives a capability from a user process for accessing an object, it verifies the genuineness of the capability and checks whether the access request is allowed with the access rights placed on the capability. Capabilities have been recognized to be more suitable than centralized access control lists for object protection in a distributed system because of several obvious reasons. However, most existing capability based systems can only enforce static access control policies, which means all the access privileges a user possesses for an object are fully represented by a capability and will not change due to object access. These capability systems cannot be used to enforce dynamic access control policies, required by many complex applications, in which each authorization may depend upon a user's access history and/or an object's history of being accessed. The paper proposes an extended capability architecture to enforce dynamic access control policies both effectively and efficiently. The key issue is how to capture the dynamic access information in both capabilities and object managers while avoiding main disadvantages of centralized access control lists. A number of frequently desired security policies are used to demonstrate the power and flexibility of the proposed architecture. The problems regarding capability management including propagation, revocation, and distribution of capabilities are also discussed

Published in:

Computer Security Applications Conference, 1996., 12th Annual

Date of Conference:

9-13 Dec 1996