This report handles the creation of an access control map and the dening of asecurity policy for a healthcare communication system. An access control mapis a graphical way to describe the access controls of the subjects and objects ina system. We use a three step method to produce a graphical overview of theparts in the system, the interactions between them and the permissions of thesubjects. Regarding the security policy we create a read up and read down policylike the so called Ring policy, but adapt a write sideways approach. We alsoapply a mandatory access control which has a centralized authority that denesthe permissions of the subjects. Attribute restrictions is also included to thesecurity levels, to set an under limit for reading permissions.
| Identifer | oai:union.ndltd.org:UPSALLA1/oai:DiVA.org:liu-121131 |
| Date | January 2015 |
| Creators | Petersson Lantz, Robert, Alvarsson, Andreas |
| Publisher | Linköpings universitet, Institutionen för datavetenskap, Linköpings universitet, Tekniska fakulteten, Linköpings universitet, Institutionen för datavetenskap, Linköpings universitet, Tekniska fakulteten |
| Source Sets | DiVA Archive at Upsalla University |
| Language | English |
| Detected Language | English |
| Type | Student thesis, info:eu-repo/semantics/bachelorThesis, text |
| Format | application/pdf |
| Rights | info:eu-repo/semantics/openAccess |
Page generated in 0.0018 seconds