Dynamic access control: Preserving safety and trust for network defense operations

Prasad Naldurg, Roy H. Campbell

Research output: Contribution to conferencePaper

Abstract

We investigate the cost of changing access control policies dynamically as a response action in computer network defense. We compare and contrast the use of access lists and capability lists in this regard, and develop a quantitative feel for the performance overheads and storage requirements. We also explore the issues related to preserving safety properties and trust assumptions during this process. We suggest augmentations to policy specifications that can guarantee these properties in spite of dynamic changes to system state. Using the lessons learned from this exercise, we apply these techniques in the design of dynamic access controls for dynamic environments.

Original languageEnglish (US)
Pages231-237
Number of pages7
StatePublished - Nov 19 2003
EventProceedings of Eighth ACM Symposium on Access Control Models and Technologies - Villa Gallia, Como, Italy
Duration: Jun 2 2003Jun 3 2003

Other

OtherProceedings of Eighth ACM Symposium on Access Control Models and Technologies
CountryItaly
CityVilla Gallia, Como
Period6/2/036/3/03

Fingerprint

Access control
Computer networks
Specifications
Costs

Keywords

  • Access lists
  • Capability lists
  • Comparison
  • Dynamic access control
  • Safety
  • Trust

ASJC Scopus subject areas

  • Computer Science(all)

Cite this

Naldurg, P., & Campbell, R. H. (2003). Dynamic access control: Preserving safety and trust for network defense operations. 231-237. Paper presented at Proceedings of Eighth ACM Symposium on Access Control Models and Technologies, Villa Gallia, Como, Italy.

Dynamic access control : Preserving safety and trust for network defense operations. / Naldurg, Prasad; Campbell, Roy H.

2003. 231-237 Paper presented at Proceedings of Eighth ACM Symposium on Access Control Models and Technologies, Villa Gallia, Como, Italy.

Research output: Contribution to conferencePaper

Naldurg, P & Campbell, RH 2003, 'Dynamic access control: Preserving safety and trust for network defense operations', Paper presented at Proceedings of Eighth ACM Symposium on Access Control Models and Technologies, Villa Gallia, Como, Italy, 6/2/03 - 6/3/03 pp. 231-237.
Naldurg P, Campbell RH. Dynamic access control: Preserving safety and trust for network defense operations. 2003. Paper presented at Proceedings of Eighth ACM Symposium on Access Control Models and Technologies, Villa Gallia, Como, Italy.
Naldurg, Prasad ; Campbell, Roy H. / Dynamic access control : Preserving safety and trust for network defense operations. Paper presented at Proceedings of Eighth ACM Symposium on Access Control Models and Technologies, Villa Gallia, Como, Italy.7 p.
@conference{d8f15f7c3a0e474da19ca08d0d6c51dd,
title = "Dynamic access control: Preserving safety and trust for network defense operations",
abstract = "We investigate the cost of changing access control policies dynamically as a response action in computer network defense. We compare and contrast the use of access lists and capability lists in this regard, and develop a quantitative feel for the performance overheads and storage requirements. We also explore the issues related to preserving safety properties and trust assumptions during this process. We suggest augmentations to policy specifications that can guarantee these properties in spite of dynamic changes to system state. Using the lessons learned from this exercise, we apply these techniques in the design of dynamic access controls for dynamic environments.",
keywords = "Access lists, Capability lists, Comparison, Dynamic access control, Safety, Trust",
author = "Prasad Naldurg and Campbell, {Roy H.}",
year = "2003",
month = "11",
day = "19",
language = "English (US)",
pages = "231--237",
note = "Proceedings of Eighth ACM Symposium on Access Control Models and Technologies ; Conference date: 02-06-2003 Through 03-06-2003",

}

TY - CONF

T1 - Dynamic access control

T2 - Preserving safety and trust for network defense operations

AU - Naldurg, Prasad

AU - Campbell, Roy H.

PY - 2003/11/19

Y1 - 2003/11/19

N2 - We investigate the cost of changing access control policies dynamically as a response action in computer network defense. We compare and contrast the use of access lists and capability lists in this regard, and develop a quantitative feel for the performance overheads and storage requirements. We also explore the issues related to preserving safety properties and trust assumptions during this process. We suggest augmentations to policy specifications that can guarantee these properties in spite of dynamic changes to system state. Using the lessons learned from this exercise, we apply these techniques in the design of dynamic access controls for dynamic environments.

AB - We investigate the cost of changing access control policies dynamically as a response action in computer network defense. We compare and contrast the use of access lists and capability lists in this regard, and develop a quantitative feel for the performance overheads and storage requirements. We also explore the issues related to preserving safety properties and trust assumptions during this process. We suggest augmentations to policy specifications that can guarantee these properties in spite of dynamic changes to system state. Using the lessons learned from this exercise, we apply these techniques in the design of dynamic access controls for dynamic environments.

KW - Access lists

KW - Capability lists

KW - Comparison

KW - Dynamic access control

KW - Safety

KW - Trust

UR - http://www.scopus.com/inward/record.url?scp=0242709310&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=0242709310&partnerID=8YFLogxK

M3 - Paper

AN - SCOPUS:0242709310

SP - 231

EP - 237

ER -