必須処理付きセキュリティポリシーのためのアクセス制御モデル

Presentation	2001/7/18 An Access Control Model for Provision-based Authorization Policies Michiharu KUDO, Satoshi HADA,
PDF Download Page	PDF download Page Link
Abstract(in Japanese)	(See Japanese page)
Abstract(in English)	In most access control systems, authorization is specified using binary decisions, ``yes''or``no'', to the access requests resulting in access being permitted or denied respectively.We argue that emerging Internet applications require that this binary decision be extended to ``allow access provided some actions are taken, ″and propose the notion of a ``provisional action ″that tells the user that his request will be authorized provided he (and/or the system)takes certain actions.We formalize an access control model that handles provision-based authorization policies and give an algorithm that resolves a necessary set of provisional actions according to the priorities among hierarchies.We also illustrate how provisional access control policy rules are effectively specified in practical usage scenarious.
Keyword(in Japanese)	(See Japanese page)
Keyword(in English)	Access Control / Security Policy / Provisional Action / Encryption
Paper #	ISEC2001-39
Date of Issue

Paper Information
Registration To	Information Security (ISEC)
Language	ENG
Title (in Japanese)	(See Japanese page)
Sub Title (in Japanese)	(See Japanese page)
Title (in English)	An Access Control Model for Provision-based Authorization Policies
Sub Title (in English)
Keyword(1)	Access Control
Keyword(2)	Security Policy
Keyword(3)	Provisional Action
Keyword(4)	Encryption
1st Author's Name	Michiharu KUDO
1st Author's Affiliation	IBM Japan, Co., Ltd., Tokyo Research Laboratory()
2nd Author's Name	Satoshi HADA
2nd Author's Affiliation	IBM Japan, Co., Ltd., Tokyo Research Laboratory
Date	2001/7/18
Paper #	ISEC2001-39
Volume (vol)	vol.101
Number (no)	214
Page	pp.pp.-
#Pages	8
Date of Issue