Integrity-Organization Based Access Control for Critical Infrastructure Systems

Abstract : The organization-based access control (OrBAC) model is an access control model that helps evaluate the security policies of organizations. OrBAC affords a high degree of expressiveness and scalability. The model, however, does not readily express integrity constraints. Integrity is one of the most important properties for critical infrastructure systems, mainly due to their criticality and low tolerance of corruption and alterations. This paper describes an extension of OrBAC, called Integrity-OrBAC (I-OrBAC), which models integrity attributes associated with critical infrastructure systems. I-OrBAC facilitates the modeling of multiple integrity levels to express the requirements of different critical infrastructure organizations. An example security policy is presented to demonstrate the expressiveness of the model.
Type de document :
Communication dans un congrès
Jonathan Butts; Sujeet Shenoi. 6th International Conference on Critical Infrastructure Protection (ICCIP), Mar 2012, Washington, DC, United States. Springer, IFIP Advances in Information and Communication Technology, AICT-390, pp.31-42, 2012, Critical Infrastructure Protection VI. 〈10.1007/978-3-642-35764-0_3〉
Liste complète des métadonnées

Littérature citée [16 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01483818
Contributeur : Hal Ifip <>
Soumis le : lundi 6 mars 2017 - 15:01:59
Dernière modification le : lundi 6 mars 2017 - 15:05:07
Document(s) archivé(s) le : mercredi 7 juin 2017 - 14:21:13

Fichier

978-3-642-35764-0_3_Chapter.pd...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Abdeljebar Ameziane El Hassani, Anas Abou El Kalam, Abdellah Ait Ouahman. Integrity-Organization Based Access Control for Critical Infrastructure Systems. Jonathan Butts; Sujeet Shenoi. 6th International Conference on Critical Infrastructure Protection (ICCIP), Mar 2012, Washington, DC, United States. Springer, IFIP Advances in Information and Communication Technology, AICT-390, pp.31-42, 2012, Critical Infrastructure Protection VI. 〈10.1007/978-3-642-35764-0_3〉. 〈hal-01483818〉

Partager

Métriques

Consultations de la notice

198

Téléchargements de fichiers

11