C. H. Lin, R. C. T. Lee and C. C. Chang+
Institute of Computer Science
National Tsing Hua University
Hsinchu, Taiwan 30043, Republic of China
+Institute of Computer Science and Information Engineering
National Chung Cheng University
Chiayi, Taiwan 62107, Republic of China
In this paper, a dynamic access control mechanism with a single lock for an information protection system is proposed. Each file in the system is assigned a lock value. The access right of a user to a file is revealed by applying straightforward division operations on the file's lock. In addition, our mechanism is suitable for changing a privilege value, insertion or deletion of a user, and insertion or deletion of a file with a small change in the lock value(s). Compared to Wu and Hwangs' and Chang's methods, the computation of a lock value is simple and the verification of an access request is quite efficient.
Keywords: access request, authorized access, dynamic access control mechanism, linear-hierarchy, privilege, requesting privilege, singlekey-lock (SKL) system
Received August 15, 1989; revised November 3, 1989.
Communicated by Lin-Shan Lee.
*Parts of this paper has been presented in the International Workshop on Discrete Algorithms and Complexity, November 20-22, 1989, Fukuoka, Japan, Sponsored by IEICE Technical Group on Computation (COMP), IPSJ Special Interest Group on Algorithms(SIGAL), and IPSJ Kyushu Branch.