| Summary: | 碩士 === 國立臺灣師範大學 === 工業教育研究所 === 86 === Access control policies state if, and how, system subjects and objects can be grouped, in order to share access modes according to given authorizations and rules. Moreover, the policies state if, and how, access right can be transferred. This paper studies various access control policies, and application on public key infrastructure.
Membership is implemented by default in various systems to simplify design and enforcement problems. Classification in hierarchical levels (totally or partially ordered) for groups of subjects and groups of objects is a widespread procedure; access controls map into controls of information flow among the different levels. This procedure is largely used in multilevel security systems for military environments, where access control policies are essentially control policies for information flow.
Multilevel relations, based on the current multilevel security (MLS) relational data models, can present a user with information that is difficult to interpret and may display an inconsistent outlook about the views of other users. Such ambiguity is due to the lack of a comprehensive method for asserting and interpreting beliefs about lower level information. In this paper we identify different beliefs that can be held by higher level users about lower level information, and we introduce various concept of interpreting beliefs.
And we introduce finally audit machine. Auditing is useful deterrent tools for data physical integrity, as well as for subsequent analysis of access sequences to a database.
|
|---|
