Access control for large collections

Efforts to place vast information resources at the fingertips of each individual in large user populations must be balanced by commensurate attention to information protection. For distributed systems with less-structured tasks, more-diversified information, and a heterogeneous user set, the computing system must administer enterprise-chosen access control policies. One kind of resource is a digital library that emulates massive collections of paper and other physical media for clerical, engineering, and cultural applications. This article considers the security requirements for such libraries and proposes an access control method that mimics organizational practice by combining a subject tree with ad hoc role granting that controls privileges for many operations independently, that treats (all but one) privileged roles (e.g., auditor, security officer) like every other individual authorization, and that binds access control information to objects indirectly for scaling, flexibility, and reflexive protection. We sketch a realization and show that it will perform well, generalizes many deployed and proposed access control policies, and permits individual data centers to implement other models economically and without disruption.
