A hybrid and configurable access control model is designed to satisfy the
requirements of using different access control models in the same schema. The
idea is arised to completely combine and configure the two main access control
models, discretionary and mandatory which have been widely used in many
systems so far with their advantages and disadvantages. The motivation
originates from the fact that / in real life usage, discretionary based systems
needs some strict policies and mandatory based systems needs some
flexibility. The model is designed to combine these two appoaches in a single
and configurable model, with some required real life extensions, in a conflictfree
fashion and configurable degree of combination. Implementation of the
model has been done and main important cases which shows the power and
expressiveness of the model are designed and implemented. The
authorization process is in the responsibility of the model which can be
combined with secured authentication and auditing schemas. The new
approaches as Role-Based, Context-Based and Temporal access control can
easily be embedded in the model due to its generic and modular design.
| Identifer | oai:union.ndltd.org:METU/oai:etd.lib.metu.edu.tr:http://etd.lib.metu.edu.tr/upload/3/12611137/index.pdf |
| Date | 01 October 2009 |
| Creators | Turan, Ugur |
| Contributors | Ozgit, Attila |
| Publisher | METU |
| Source Sets | Middle East Technical Univ. |
| Language | English |
| Detected Language | English |
| Type | M.S. Thesis |
| Format | text/pdf |
| Rights | Access forbidden for 1 year |
Page generated in 0.002 seconds