Abstract:A new access control model is described. All possible access control privileges pertaining to an object can be represented as the nodes on the access control lattice of the object. The update of access control policy changes the mapping of the subject access privilege from one node to another in the access control lattice of object. The access control policy of real-time update is given in the model so that the system security is strengthened in a concurrent environment. In order to guarantee legitimacy of access control policy update, the compound lattice of an operation right lattice and an authorization level lattice are built. Access privilege can be controlled by authorization. The model and algorithms are useful for concurrent environment in which multiple subjects access and modify the access control policies.
2008, Vol. 29 
