论文信息 - On the Modeling of Bell-LaPadula Security Policies Using RBAC

On the Modeling of Bell-LaPadula Security Policies Using RBAC

The Bell-LaPadula security model is a hybrid model that combines mandatory access controls and discretionary access controls. The Bell-LaPadula security model has been widely accepted in military environments for its capability to specify military style confidentiality policies. The role based access control (RBAC) model has attracted extensive research effort and has been acknowledged as a flexible and policy natural model. This paper investigates a way of modeling Bell-LaPadula security policies using the RBAC model. The capability of modeling Bell-LaPadula security policies using RBAC model means that applications that are implemented using the RBAC model can then be deployed in military environments and will meet their requirements for information confidentiality.

David W. Chadwick | Gansen Zhao | D. Chadwick | Gansen Zhao

[1] Ravi S. Sandhu,et al. The NIST model for role-based access control: towards a unified standard , 2000, RBAC '00.

[2] Ravi S. Sandhu,et al. Lattice-based access control models , 1993, Computer.

[3] Sylvia L. Osborn,et al. Modeling Mandatory Access Control in Role-Based Security Systems , 1995, DBSec.

[4] David W. Chadwick,et al. Implementing Role Based Access Controls UsingX.509 Attribute Certificates , 2003 .

[5] Serban I. Gavrila,et al. Formal specification for role based access control user/role and role/role relationship management , 1998, RBAC '98.

[6] David W. Chadwick,et al. Role-Based Access Control With X.509 Attribute Certificates , 2003, IEEE Internet Comput..

[7] Ravi S. Sandhu,et al. Role-Based Access Control Models , 1996, Computer.

[8] Ravi S. Sandhu. Role Hierarchies and Constraints for Lattice-Based Access Controls , 1996, ESORICS.

[9] Rolf Oppliger,et al. Using Attribute Certificates to Implement Role-based Authorization and Access Controls , 2000 .