Access control: principle and practice
暂无分享,去创建一个
Access control constrains what a user can do directly, as well as what programs executing on behalf of the users are allowed to do. In this way access control seeks to prevent activity that could lead to a breach of security. This article explains access control and its relationship to other security services such as authentication, auditing, and administration. It then reviews the access matrix model and describes different approaches to implementing the access matrix in practical systems, and follows with a discussion of access control policies commonly found in current systems, and a brief consideration of access control administration.<<ETX>>
[1] Ravi S. Sandhu,et al. Lattice-based access control models , 1993, Computer.
[2] David F. Ferraiolo,et al. An Examination of Federal and Commercial Access Control Policy Needs , 1993 .
[3] Simon S. Lam,et al. Authentification for Distributed Systems , 1992, Computer.
[4] Elisa Bertino,et al. Authorizations in relational database management systems , 1993, CCS '93.
[5] Santosh Chokhani. Trusted products evaluation , 1992, CACM.