A Survey on Access Control Deployment

Access control is a security aspect whose requirements evolve with advances in technology and, at the same time, with contemporary social contexts. A multitude of access control models have grown out of their respective application domains, such as healthcare and collaborative enterprises; even then, further means of administration, human-factor considerations, and infringement management are required to deploy a model effectively in its particular usage environment. This paper presents a survey of access control mechanisms along with their deployment issues and the solutions available today. We aim to give a comprehensive big picture as well as pragmatic deployment details to guide readers in understanding, setting up and enforcing access control in real-world applications.
