Analysis of ANSI RBAC Support in COM+

Saved in:
Bibliographic Details
Title: Analysis of ANSI RBAC Support in COM+
Authors: Darwish, Wesam1, Beznosov, Konstantin beznosov@ece.ubc.ca
Source: Computer Standards & Interfaces. Jun2010, Vol. 32 Issue 4, p197-214. 18p.
Subjects: COM (Computer architecture), Access control, Electronic data processing documentation, Computer operating systems, Data protection, Programming languages, Computer security, Algorithms
Abstract: Abstract: We analyze access control mechanisms of the COM+ architecture and define a configuration of the COM+ protection system in more precise and less ambiguous language than the COM+ documentation. Using this configuration, we suggest an algorithm that formally specifies the semantics of authorization decisions in COM+. We analyze the level of support for the American National Standard Institute''s (ANSI) specification of role-based access control (RBAC) components and functional specification in COM+. Our results indicate that COM+ falls short of supporting even Core RBAC. The main limitations exist due to the tight integration of the COM+ architecture with the underlying operating system, which prevents support for session management and role activation, as specified in ANSI RBAC. [Copyright &y& Elsevier]
Copyright of Computer Standards & Interfaces is the property of Elsevier B.V. and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)
Database: Engineering Source
FullText Text:
  Availability: 0
Header DbId: egs
DbLabel: Engineering Source
An: 50263165
AccessLevel: 6
PubType: Academic Journal
PubTypeId: academicJournal
PreciseRelevancyScore: 0
IllustrationInfo
Items – Name: Title
  Label: Title
  Group: Ti
  Data: Analysis of ANSI RBAC Support in COM+
– Name: Author
  Label: Authors
  Group: Au
  Data: <searchLink fieldCode="AR" term="%22Darwish%2C+Wesam%22">Darwish, Wesam</searchLink><relatesTo>1</relatesTo><br /><searchLink fieldCode="AR" term="%22Beznosov%2C+Konstantin%22">Beznosov, Konstantin</searchLink><i> beznosov@ece.ubc.ca</i>
– Name: TitleSource
  Label: Source
  Group: Src
  Data: <searchLink fieldCode="JN" term="%22Computer+Standards+%26+Interfaces%22">Computer Standards & Interfaces</searchLink>. Jun2010, Vol. 32 Issue 4, p197-214. 18p.
– Name: Subject
  Label: Subjects
  Group: Su
  Data: <searchLink fieldCode="DE" term="%22COM+%28Computer+architecture%29%22">COM (Computer architecture)</searchLink><br /><searchLink fieldCode="DE" term="%22Access+control%22">Access control</searchLink><br /><searchLink fieldCode="DE" term="%22Electronic+data+processing+documentation%22">Electronic data processing documentation</searchLink><br /><searchLink fieldCode="DE" term="%22Computer+operating+systems%22">Computer operating systems</searchLink><br /><searchLink fieldCode="DE" term="%22Data+protection%22">Data protection</searchLink><br /><searchLink fieldCode="DE" term="%22Programming+languages%22">Programming languages</searchLink><br /><searchLink fieldCode="DE" term="%22Computer+security%22">Computer security</searchLink><br /><searchLink fieldCode="DE" term="%22Algorithms%22">Algorithms</searchLink>
– Name: Abstract
  Label: Abstract
  Group: Ab
  Data: Abstract: We analyze access control mechanisms of the COM+ architecture and define a configuration of the COM+ protection system in more precise and less ambiguous language than the COM+ documentation. Using this configuration, we suggest an algorithm that formally specifies the semantics of authorization decisions in COM+. We analyze the level of support for the American National Standard Institute''s (ANSI) specification of role-based access control (RBAC) components and functional specification in COM+. Our results indicate that COM+ falls short of supporting even Core RBAC. The main limitations exist due to the tight integration of the COM+ architecture with the underlying operating system, which prevents support for session management and role activation, as specified in ANSI RBAC. [Copyright &y& Elsevier]
– Name: AbstractSuppliedCopyright
  Label:
  Group: Ab
  Data: <i>Copyright of Computer Standards & Interfaces is the property of Elsevier B.V. and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract.</i> (Copyright applies to all Abstracts.)
PLink https://search.ebscohost.com/login.aspx?direct=true&site=eds-live&db=egs&AN=50263165
RecordInfo BibRecord:
  BibEntity:
    Identifiers:
      – Type: doi
        Value: 10.1016/j.csi.2009.12.001
    Languages:
      – Code: eng
        Text: English
    PhysicalDescription:
      Pagination:
        PageCount: 18
        StartPage: 197
    Subjects:
      – SubjectFull: COM (Computer architecture)
        Type: general
      – SubjectFull: Access control
        Type: general
      – SubjectFull: Electronic data processing documentation
        Type: general
      – SubjectFull: Computer operating systems
        Type: general
      – SubjectFull: Data protection
        Type: general
      – SubjectFull: Programming languages
        Type: general
      – SubjectFull: Computer security
        Type: general
      – SubjectFull: Algorithms
        Type: general
    Titles:
      – TitleFull: Analysis of ANSI RBAC Support in COM+
        Type: main
  BibRelationships:
    HasContributorRelationships:
      – PersonEntity:
          Name:
            NameFull: Darwish, Wesam
      – PersonEntity:
          Name:
            NameFull: Beznosov, Konstantin
    IsPartOfRelationships:
      – BibEntity:
          Dates:
            – D: 01
              M: 06
              Text: Jun2010
              Type: published
              Y: 2010
          Identifiers:
            – Type: issn-print
              Value: 09205489
          Numbering:
            – Type: volume
              Value: 32
            – Type: issue
              Value: 4
          Titles:
            – TitleFull: Computer Standards & Interfaces
              Type: main
ResultId 1