A Meta-level Access Control Model for Adapting Diverse Access Control Policies on OS Environment

Abstract

Flexible access control model has been studied and implemented on operating system for a long time. SELinux of NSA have fine-grained policy. But, the strict policy make user feel inconvenience. Though SELinux can present MAC or RBAC as well as DAC, it doesnpsilat show all of the notions. We propose the flexible access control model that it can present diverse access control policies and the policies can transform each other. As our model is based on E-R model, it is easy to understand and to use by simple syntax. We implement and test this model on Linux. And we show that the performance degree isnpsilat decreased highly.