Please use this identifier to cite or link to this item:
Title: SeqBAC: A Sequence-Based Access Control Model
Author: Regateiro, Diogo
Mortágua, Óscar
Aguiar, Rui
Keywords: Information security
Access control
Sequence enforcement
Database security
Issue Date: 1-Jul-2018
Publisher: KSI Research Inc.
Abstract: Access control, when used in the context of database applications, is aimed to supervise the requests made by legitimate users to access sensitive data. These requests represent actions that a user can perform on a database and they typically read or write data. While this supervision can be formalized at a higher level, e.g. using an access control model such as RBAC, in the end, the data access is done through each authorized action. Therefore, the current access control models enforce their policies on an action by action basis, being unable to support relations of order between them. In many database applications, access to data is not done randomly, but by following very specific sequences of actions which are not supervised. This paper argues that a better security policy can be achieved by supervising these sequences. Thus, previous research is leveraged to propose a formalized model, capable of enforcing access control over the sequences of actions that can complement existing access control models.
Peer review: yes
DOI: 10.18293/SEKE2018-099
ISSN: 2325-9000
Appears in Collections:DETI - Comunicações
IT - Comunicações

Files in This Item:
File Description SizeFormat 
(CP) - 2018-07-01 (SEKE - San Francisco - USA) SeqBAC - A Sequence-Based Access Control Model.pdfDocumento principal7.37 MBAdobe PDFView/Open

Formato BibTex MendeleyEndnote Degois 

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.