Model Driven Approaches for the Automated Analysis of Access Control Specifications in The Context Of Spatio-Temporal Role Based Access Control

by

CHAPTER 2: RELATED WORK1

2.1 Access Control Model1

2.2 Analysis of Access Control Model15

2.3 Alloy16

2.4 Timed Automata17

2.5 UPPAAL19

2.6 Model Driven Development MDD19

2.7 Chapter Summary21

CHAPTER 10: CONCLUSION22

10.1 Summary of Contributions22

10.2 Future Work24

BIBLIOGRAPHY26

CHAPTER 2: RELATED WORK

The chapter encompasses of the work pertains to categorized with the areas classified in the research. Firstly, this literature induces the concept that is based upon the Access Control Model. The model would be used later in the paper. Secondly, the research initiates incorporates the community research pertaining to different tools and methods used to address and overcome the issues and concerns that pertain to the access control model. Thirdly, it encompasses of the concept of Extensible Markup Languauge (XML), Alloy finally it elobarates the concept of Model Driven Development (MDD).

2.1 Access Control Model

As per the growing advancement of pervasive technologies in computing, the world is moving towards an age where it is mandatory to for spatio-temporal information to have access control. The utilization of information could be used for escalating the security for an application, as well as, exploiting to launch attacks. Multiple access control model is looked and discussed, so as to, understand the problem, as well as, ensure the Spatio-Temporal Role based access control (STRBAC), is the most appropriate choice for the access control model.

Access level is extremely important to the security system for computing. In order to compromise a system, attackers tend to acquire any possible level of access, and then try to increase that level unless they acquire the protected data, as well as, make system modification that is unapproved. Since each user has some level of system access, every user accounts a potential increase in the system for abuse. In the past, the system security has been reliant upon the trusting users, they are not likely to abuse their access, and however, the strategy had failed. In the age of today, the server consolidation leads to greater number of users for each system. The system management outsourcing provides legitimate access to the system administrator level that is unknown users. It is because of the reason that the server consolidation and outsourcing could lead to financial advantage, as well as, what could be done to prevent the access upon the Linux system? In order to answer the question, it is suitable to analyze the at discretionary access control (DAC) and mandatory access control (MAC), as well as, assess thier differences.

2.1.1 Discretionary Access Control (DAC)

The term Discretionary Access Control (DAC) pertains to the access that allows the users to alter the features of the object, as well as, specifying whether the object is accessible for other users. Simply, a Discretionary Access Control (DAC could be a password file, or specifying whether a particular file requires the knowledge and acceptance of the administrator while being accessed by other users. In Linux, the file permission by the user is the form of a general ...