Conferences in Research and Practice in Information Technology
  

Online Version - Last Updated - 20 Jan 2012

 

 
Home
 

 
Procedures and Resources for Authors

 
Information and Resources for Volume Editors
 

 
Orders and Subscriptions
 

 
Published Articles

 
Upcoming Volumes
 

 
Contact Us
 

 
Useful External Links
 

 
CRPIT Site Search
 
    

An Administrative Model for UCON ABC

Salim, F., Reid, J. and Dawson, E.

    UCONABC is an emerging access control framework that lacks an administration model. In this paper we define the problem of administration and propose a novel administrative model. At the core of this model is the concept of attribute, which is also the central component of UCONABC. In our model, attributes are created by the assertions of subjects, which ascribe properties/rights to other subjects or objects. Through such a treatment of attributes, administration capabilities can be delegated from one subject to another and as a consequence UCONABC is improved in three aspects. First, immutable attributes that are currently considered as external to the model can be incorporated and thereby treated as mutable attributes. Second, the current arbitrary categorisation of users (as modifiers of attributes), to system and administrator can be removed. Attributes and objects are only modifiable by those who possess administration capability over them. Third, the delegation of administration over objects and properties that is not currently expressible in UCONABC is made possible.
Cite as: Salim, F., Reid, J. and Dawson, E. (2010). An Administrative Model for UCON ABC. In Proc. Eighth Australasian Information Security Conference (AISC 2010) Brisbane, Australia. CRPIT, 105. Boyd, C. and Susilo, W. Eds., ACS. 32-38
pdf (from crpit.com) pdf (local if available) BibTeX EndNote GS