Toward practical authorization-dependent user obligation systems

Murillo Pontual; Omar Chowdhury; William Winsborough; Ting Yu; Keith Irwin

doi:10.1145/1755688.1755711

Back

Conference proceeding

Toward practical authorization-dependent user obligation systems

Murillo Pontual, Omar Chowdhury, William Winsborough, Ting Yu and Keith Irwin

Proceedings of the 5th ACM Symposium on information, computer and communications security, pp.180-191

ASIACCS '10

04/13/2010

DOI: 10.1145/1755688.1755711

View Online

Abstract

Many authorization system models include some notion of obligation. Little attention has been given to user obligations that depend on and affect authorizations. However, to be usable, the system must ensure users have the authorizations they need when their obligations must be performed. Prior work in this area introduced accountability properties that ensure failure to fulfill obligations is not due to lack of required authorizations. That work presented inconclusive and purely theoretical results concerning the feasibility of maintaining accountability in practice. The results of the current paper include algorithms and performance analysis that support the thesis that maintaining accountability in a reference monitor is reasonable in many applications.

obligations

RBAC

authorization systems

accountability

policy

Details

Title: Subtitle: Toward practical authorization-dependent user obligation systems
Creators: Murillo Pontual
Omar Chowdhury
William Winsborough
Ting Yu
Keith Irwin
Resource Type: Conference proceeding
Publication Details: Proceedings of the 5th ACM Symposium on information, computer and communications security, pp.180-191
Series: ASIACCS '10
DOI: 10.1145/1755688.1755711
Publisher: ACM
Grant note: DOI: 10.13039/100000144, name: Division of Computer and Network Systems, award: CNS-0716210CNS-0716750
Language: English
Date published: 04/13/2010
Academic Unit: Computer Science
Record Identifier: 9984002483302771

Metrics

15 Record Views