Please use this identifier to cite or link to this item:
http://hdl.handle.net/10773/23834
Title: | SeqBAC: A Sequence-Based Access Control Model |
Author: | Regateiro, Diogo Mortágua, Óscar Aguiar, Rui |
Keywords: | Information security Access control Sequence enforcement Database security SeqBAC |
Issue Date: | 1-Jul-2018 |
Publisher: | KSI Research Inc. |
Abstract: | Access control, when used in the context of database applications, is aimed to supervise the requests made by legitimate users to access sensitive data. These requests represent actions that a user can perform on a database and they typically read or write data. While this supervision can be formalized at a higher level, e.g. using an access control model such as RBAC, in the end, the data access is done through each authorized action. Therefore, the current access control models enforce their policies on an action by action basis, being unable to support relations of order between them. In many database applications, access to data is not done randomly, but by following very specific sequences of actions which are not supervised. This paper argues that a better security policy can be achieved by supervising these sequences. Thus, previous research is leveraged to propose a formalized model, capable of enforcing access control over the sequences of actions that can complement existing access control models. |
Peer review: | yes |
URI: | http://hdl.handle.net/10773/23834 |
DOI: | 10.18293/SEKE2018-099 |
ISSN: | 2325-9000 2325-9086 |
Appears in Collections: | DETI - Comunicações IT - Comunicações |
Files in This Item:
File | Description | Size | Format | |
---|---|---|---|---|
(CP) - 2018-07-01 (SEKE - San Francisco - USA) SeqBAC - A Sequence-Based Access Control Model.pdf | Documento principal | 7.37 MB | Adobe PDF | View/Open |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.