Skip to Main content Skip to Navigation
Book sections

Access Control Models

Abstract : Access control, or authorization, is arguably the most fundamental and most pervasive security mechanism in use today in computer systems. In computer systems, to grant authorization is to determine whether a subject can access resources. Informally speaking it is to decide “who can do what.” Access control is critical to enforce confidentiality (only authorized users can read information) and integrity (only authorized users can alter information) in computer systems, preventing hackers and cyber-terrorists from reading and modifying sensitive files. Several access control models have been proposed since 1960 up today: from simple access matrix to task based access control through military models. Each one providing a different way to organize and express users’ privileges. For example, the role based access control model aggregate privileges thanks to the concept of role: all users receive permissions only through the roles to which they are assigned. We first introduce the purpose of access control, then we describe models in use today, their specificities and the mechanisms which they rely on. The end of the this chapter is dedicated to current issues on access control.
Complete list of metadatas

https://hal.archives-ouvertes.fr/hal-01486902
Contributor : Équipe Gestionnaire Des Publications Si Liris <>
Submitted on : Friday, March 10, 2017 - 3:39:00 PM
Last modification on : Thursday, November 21, 2019 - 2:35:19 AM

Links full text

Identifiers

Citation

Romuald Thion. Access Control Models. Colarik Andrew M. and Janczewski Lech. Cyber Warfare and Cyber Terrorism, IDEA Group Publishing, pp.318-328, 2007, Information Science Reference, 978-1-59140-991-5. ⟨10.4018/978-1-59140-991-5.ch037⟩. ⟨hal-01486902⟩

Share

Metrics

Record views

112