Abstract
In this paper, we develop a new paradigm for access control and authorization management, called task-based authorization controls (TBAC). TBAC models access controls from a task-oriented perspective than the traditional subject-object one. Access mediation now involves authorizations at various points during the completion of tasks in accordance with some application logic. By taking a task-oriented view of access control and authorizations, TBAC lays the foundation for research into a new breed of “active” security models that are required for agent-based distributed computing and workflow management.
Chapter PDF
Similar content being viewed by others
References
Abrams, M., Eggers, K., LaPadula, L., and Olson, I. A Generalized Framework for Access Control: An Informal Description, Proceedings of the 13th NISTNCSC National Computer Security framework, 1990, pages 135–143. Task-based authorization controls (TBAC) 181
Abrams, M., Heaney, J., King, O., LaPadula, L., Lazear, M., and Olson, I. Generalized Framework for Access Control: Toward prototyping the Orgcon Policy, Proceedings of the 14m NIST-NCSC National Computer Security framework, 1991, pages 257–266.
Atluri V., and Huang, W. An Authorization Model for Workflows, Proceedings of the Fourth European Symposium on Research in Computer Security, Rome, Italy, September pages 25–27, 1996.
Bell, D.E. and LaPadula, L.J. Secure Computer Systems: Unified exposition and multics interpretation. EDS-TR-75–306, Mitre Corporation, Bedford, MA, March 1976.
Chang. S.K. et. al. Visual-Language System for User Interfaces, IEEE Software, March, 1995.
Georgakopoulos, D., Hornick, M. and Sheth, A. An Overview of Workflow Management: From Process Modeling to Workflow Automation Infrastructure, Distributed and Parallel databases, Vol. 3, pages 119–153, 1995.
Harrison, M.H., Ruzzo, W.L. and Ullman, J.D. Protection in Operating Systems. Communications of the ACM, 19 (8), pages 461–471, 1976.
Klein, J. Advanced Rule Driven Transaction Management. Proceedings of the IEEE Compcon Conference, 1991.
LaPadula, L.J. and Williams, J.G. Towards a Universal Integrity Model. Proceedings of the IEEE Computer Security Foundations Workshop, New Hampshire, IEEE Press, 1991.
Rusinkiewicz, M. and Sheth, A. Specification and Execution of Transactional Workflows, In Modern Database Systems: The Object Model, Interoperability, and beyond, W. Kim, Ed., Addison-Wesley/ACM Press, 1994.
Sandhu, R.S. Transaction Control Expressions for Separation of Duties, Proceedings of the Fourth Computer Security Applications Conference, pages 282–286, 1988.
Sandhu, R.S. The Typed Access Control Model, Proceedings of the IEEE Symposium on Research in Security and Privacy, Oakland, CA, May 1992, pages 122–136.
Thomas, R.K. and Sandhu, R.S. Towards a Task-based Paradigm for Flexible and Adaptable Access Control in Distributed Applications. Proceedings of the Second New Security Paradigms Workshop, Little Compton, Rhode Island, IEEE Press, 1993.
Thomas, R.K. and Sandhu, R.S. Conceptual Foundations for A Model of Task-based Authorizations. Proceedings of the IEEE Computer Security Foundations Workshop, New Hampshire, IEEE Press, 1994.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1998 IFIP
About this chapter
Cite this chapter
Thomas, R.K., Sandhu, R.S. (1998). Task-based authorization controls (TBAC): a family of models for active and enterprise-oriented authorization management. In: Lin, T.Y., Qian, S. (eds) Database Security XI. IFIP Advances in Information and Communication Technology. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-35285-5_10
Download citation
DOI: https://doi.org/10.1007/978-0-387-35285-5_10
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-5041-2914-5
Online ISBN: 978-0-387-35285-5
eBook Packages: Springer Book Archive