Dynamic rights: safe extensible access control

Abstract

Extensible systems such as micro-kernels and component architectures push current security models to the limit. A number of dynamic access control models have been developed but all fail to ensure safety, especially of large scale configurations. In previous work we have developed a dynamic typed access control (DTAC) model that supports generalised security configuration descriptions based on subject and object types. This model includes a security invariant to ensure safety in the presence of change. In this paper we investigate the use of structured subject types, structured object types and structured rights to simplify both modelling and safety enforcement within DTAC. Structuring all aspects of the access control relation is both promising and novel.