Access Control from an OS Security Perspective; Confidentiality; Discretionary Access Control; Firewall; Integrity; Mandatory Access Control; Role Based Access Control
Definition
Access control is a security function that protects shared resources against unauthorized accesses. The distinction between authorized and unauthorized accesses is made according to an access control policy.
Theory
Access control is employed to enforce security requirements such as confidentiality and integrity of data resources (e.g., files, database tables), to prevent unauthorized use of resources (e.g., programs, processor time, expensive devices), or to prevent denial of service to legitimate users. Practical examples of security violations that can be prevented by enforcing access control policies are: a journalist reading a politician’s medical record (confidentiality), a criminal performing fake bank account bookings (integrity), a student printing...
Author information
Authors and Affiliations
HYPE Softwaretechnik GmbH, Trierer Straße 70-72, D-53115, Bonn, Germany
Gerald Brose
Editor information
Editors and Affiliations
Department of Mathematics and Computing Science, Eindhoven University of Technology, 5600 MB, Eindhoven, The Netherlands
Henk C. A. van Tilborg
Center for Secure Information Systems, George Mason University, Fairfax, VA, 22030-4422, USA
Sushil Jajodia
Copyright information
© 2011 Springer Science+Business Media, LLC
Cite this entry
Brose, G. (2011). Access Control. In: van Tilborg, H.C.A., Jajodia, S. (eds) Encyclopedia of Cryptography and Security. Springer, Boston, MA. https://doi.org/10.1007/978-1-4419-5906-5_179