Keywords: information flow, object oriented role-based access control model (ORBAC), XML, MAC, confinement problem
Received November 11, 2002; revised April 25, 2005; accepted August 31, 2005.
Communicated by Randy Y. C. Chow.
| Previous | [ 1] | [ 2] | [ 3] | [ 4] | [ 5] | [ 6] | [ 7] | [ 8] | [ 9] | [ 10] | [ 11] | [ 12] | [ 13] |
¡@
Cungang Yang and Chang N. Zhang*
Department of Electrical and Computer Engineering
Ryerson University
Toronto, Ontario, M5B 2K3, Canada
*Department of Computer Science
University of Regina
Regina, Saskatchewan, S4S 0A2, Canada
In this paper, a practical method that can be employed to manage security policies
using the eXtensible Markup Language (XML) is presented. The method efficiently administrates
security policies based on the object oriented role-based access control model
(ORBAC). Moreover, an information flow analysis technique is introduced for checking
whether or not a created XML-based ORBAC security policy satisfies the Mandatory
Access Control (MAC) security principles.
Received November 11, 2002; revised April 25, 2005; accepted August 31, 2005.
Communicated by Randy Y. C. Chow.