A petri-net model of access control mechanisms
作者:
Highlights:
•
摘要
Petri-nets provide a view of systems in terms of conditions and events that is very useful to access control mechanism modeling. Moreover, an access control mechanism for complex control policies can be viewed as several, separate mechanisms, each enforcing a simple policy; such models cooperate to enforce the global system policies. In order to follow this approach it is convenient to model access control mechanisms with Petri-nets. In this paper we identify and model a set of elementary control policies and show how some information system policies such as discretionary access, constrained access, cooperative authorization can be obtained as a combination of these elementary policies. The models obtained are an homogeneous and modular representation of control problems that proved to be advantageous in the implementation phase of our research.
论文关键词:Security models,security mechanisms,discretionary access,propagation of privileges,Petri-nets
论文评审过程:Received 25 September 1986, Revised 3 June 1987, Available online 10 June 2003.
论文官网地址:https://doi.org/10.1016/0306-4379(88)90026-9