A Hybrid RBAC-PBAC Access Control Model for Network Isolation System

A network isolation system integrates various technologies to achieve high security, and access control is an indispensable one among them. To control and manage access to all the services provided by a network isolation system, we need to establish an efficient access control model and define a set of fine-grained rules for it. In this paper, we first analyze the service access control requirements of a network isolation system. Then, according to its special running environment, we propose a hybrid service access control model based on RBAC (Role-based Access Control) and PBAC (Policy-based Access Control). Next, we study rule making and the realization method of the proposed model. Finally, we realize the hybrid model and its configuration.
