Using Efficient Access Control To Protect Multi-Task Execution LI Yan
Background
Background Task an activity that needs to be accomplished by individual users or a team of users within a defined period of time Multi-task the performance of more than one task by an organization or enterprise at the same time
Requirements For Access Control Security access by legitimate users least privilege separation of duties conflict of interest Efficiency minimum execution time minimum number of users maximum number of tasks
Existing Work DAC MAC RBAC TMAC access by legitimate user least privilege separation of duties conflict of interest minimum time minimum users maximum tasks
Task Oriented Access Control Objectives Assign legitimate users to concurrent tasks Enforce multiple policies least privilege separation of duties conflict of interest Improve efficiency of task execution minimum execution time minimum number of users minimum number of tasks
Task Oriented Access Control Definition User-Permission Assignment (UP) Permission-Task Assignment (PT) User-Task Assignment (UT) Users Constraint Pool authorization policies Const -raints Perm- Tasks issions
Task Oriented Access Control Problems Find UTs (minimum users) based on given UP and PT Alice Deposit Bank A Loan Bob Management Carl Bank B Finance conflict of interest Derek Bank A: Alice Bank B: Bob, Derek
Task Oriented Access Control Problems In P finding a UT without constraints In NP-hard finding all UTs without constraints finding a UT with constraints finding all UTs with constraints finding a UT with minimum users Solve the problems by mathematical programming
Future Research Investigate the problem of finding UTs with minimum execution time, maximum number of tasks Enforce least privilege on user-permission assignment in multi-task execution ― in the context of teams ― in the context of individual users Apply TAC in healthcare information systems
Recommend
More recommend
