QUT ePrints

An administrative model for UCON

Salim, Farzad, Reid, Jason F., & Dawson, Edward (2010) An administrative model for UCON. In Proceedings of he 8th Australasian Information Security Conference (AISC 2010), Conferences in Research and Practice in Information Technology (CRPIT), Queensland University of Technology, Brisbane, Queensland, pp. 32-38.

[img] Conference Paper (PDF 163kB)
Accepted Version.

View at publisher

Abstract

UCON is an emerging access control framework that lacks an administration model. In this paper we define the problem of administration and propose a novel administrative model. At the core of this model is the concept of attribute, which is also the central component of UCON. In our model, attributes are created by the assertions of subjects, which ascribe properties/rights to other subjects or objects. Through such a treatment of attributes, administration capabilities can be delegated from one subject to another and as a consequence UCON is improved in three aspects. First, immutable attributes that are currently considered as external to the model can be incorporated and thereby treated as mutable at- tributes. Second, the current arbitrary categorisation of users (as modifiers of attributes), to system and administrator can be removed. Attributes and objects are only modifiable by those who possess administration capability over them. Third, the delegation of administration over objects and properties that is not currently expressible in UCON is made possible.

Impact and interest:

Citation countsare sourced monthly from Scopus and Web of Science® citation databases.

These databases contain citations from different subsets of available publications and different time periods and thus the citation count from each is usually different. Some works are not in either database and no count is displayed. Scopus includes citations from articles published in 1996 onwards, and Web of Science® generally from 1980 onwards.

Citations counts from the Google Scholar™ indexing service can be viewed at the linked Google Scholar™ search.

Full-text downloads:

126 since deposited on 22 Mar 2010
33 in the past twelve months

Full-text downloadsdisplays the total number of times this work’s files (e.g., a PDF) have been downloaded from QUT ePrints as well as the number of downloads in the previous 365 days. The count includes downloads for all files if a work has more than one.

ID Code: 31415
Item Type: Conference Paper
Additional URLs:
Keywords: Information Security, Access Control Model, Usage Control, Trust Management, Administration
ISSN: 1445-1336
Subjects: Australian and New Zealand Standard Research Classification > INFORMATION AND COMPUTING SCIENCES (080000) > COMPUTER SOFTWARE (080300) > Computer System Security (080303)
Divisions: Past > Schools > Computer Science
Past > QUT Faculties & Divisions > Faculty of Science and Technology
Past > Institutes > Information Security Institute
Copyright Owner: Copyright 2010 Australian Computer Society, Inc.
Deposited On: 22 Mar 2010 16:44
Last Modified: 01 Mar 2012 00:18

Export: EndNote | Dublin Core | BibTeX

Repository Staff Only: item control page