Presentation | 1993/10/26 A Method of Dynamic Discretionary Access Control Kang Hyung-suck, Tsutomu Matsumoto, Hideki Imai, |
---|---|
PDF Download Page | PDF download Page Link |
Abstract(in Japanese) | (See Japanese page) |
Abstract(in English) | The discretionary access control(DAC)policies commonly used in ordinary computer systems are implemented fairly simple and straightforward,therefore they have several drawbacks.To achieve a relatively high efficiency,implementations based on DAC policies often adopt the group access permission for each subject such as user,group,etc.But this causes indirect information leakage on the access control mechanism without the information flow control.This paper proposes a method of DAC attaining both high confidentiality and efficiency.To manage information flows the method uses the dynamic restriction on group access permission.It prevents unauthorized indirect information leakage with the control based on forcedly changed user access permission.All the operations of each module in this mechanism are processed at the security kernel. |
Keyword(in Japanese) | (See Japanese page) |
Keyword(in English) | DAC / indirect information leakage / dynamic restriction / Security Kernel / Access Control / information flow control |
Paper # | ISEC93-55 |
Date of Issue |
Conference Information | |
Committee | ISEC |
---|---|
Conference Date | 1993/10/26(1days) |
Place (in Japanese) | (See Japanese page) |
Place (in English) | |
Topics (in Japanese) | (See Japanese page) |
Topics (in English) | |
Chair | |
Vice Chair | |
Secretary | |
Assistant |
Paper Information | |
Registration To | Information Security (ISEC) |
---|---|
Language | ENG |
Title (in Japanese) | (See Japanese page) |
Sub Title (in Japanese) | (See Japanese page) |
Title (in English) | A Method of Dynamic Discretionary Access Control |
Sub Title (in English) | |
Keyword(1) | DAC |
Keyword(2) | indirect information leakage |
Keyword(3) | dynamic restriction |
Keyword(4) | Security Kernel |
Keyword(5) | Access Control |
Keyword(6) | information flow control |
1st Author's Name | Kang Hyung-suck |
1st Author's Affiliation | Division of Electrical and Computer Engineering,Faculty of Engineering,YOKOHAMA National university() |
2nd Author's Name | Tsutomu Matsumoto |
2nd Author's Affiliation | Division of Electrical and Computer Engineering,Faculty of Engineering,YOKOHAMA National University |
3rd Author's Name | Hideki Imai |
3rd Author's Affiliation | Institute of Industrial Science,University of TOKYO |
Date | 1993/10/26 |
Paper # | ISEC93-55 |
Volume (vol) | vol.93 |
Number (no) | 296 |
Page | pp.pp.- |
#Pages | 6 |
Date of Issue |