{"title":"基于角色的环境中的职责分离","authors":"Richard T. Simon, M. Zurko","doi":"10.1109/CSFW.1997.596811","DOIUrl":null,"url":null,"abstract":"The separation of duty is a principle that has a long history in computer security research. Many computing systems provide rudimentary support for this principle, but often the support is inconsistent with the way the principle is applied in non-computing environments. Furthermore, there appears to be no single accepted meaning of the term. We examine the ways in which separation of duty has been used, adding the notion of history-based separation of duty. We assess ways in which computing systems may support separation of duty. We discuss the mechanisms we are implementing to support separation of duty and roles in Adage, a general-purpose authorization language and toolkit.","PeriodicalId":305235,"journal":{"name":"Proceedings 10th Computer Security Foundations Workshop","volume":"72 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1997-06-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"387","resultStr":"{\"title\":\"Separation of duty in role-based environments\",\"authors\":\"Richard T. Simon, M. Zurko\",\"doi\":\"10.1109/CSFW.1997.596811\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The separation of duty is a principle that has a long history in computer security research. Many computing systems provide rudimentary support for this principle, but often the support is inconsistent with the way the principle is applied in non-computing environments. Furthermore, there appears to be no single accepted meaning of the term. We examine the ways in which separation of duty has been used, adding the notion of history-based separation of duty. We assess ways in which computing systems may support separation of duty. We discuss the mechanisms we are implementing to support separation of duty and roles in Adage, a general-purpose authorization language and toolkit.\",\"PeriodicalId\":305235,\"journal\":{\"name\":\"Proceedings 10th Computer Security Foundations Workshop\",\"volume\":\"72 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1997-06-10\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"387\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings 10th Computer Security Foundations Workshop\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CSFW.1997.596811\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings 10th Computer Security Foundations Workshop","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CSFW.1997.596811","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
The separation of duty is a principle that has a long history in computer security research. Many computing systems provide rudimentary support for this principle, but often the support is inconsistent with the way the principle is applied in non-computing environments. Furthermore, there appears to be no single accepted meaning of the term. We examine the ways in which separation of duty has been used, adding the notion of history-based separation of duty. We assess ways in which computing systems may support separation of duty. We discuss the mechanisms we are implementing to support separation of duty and roles in Adage, a general-purpose authorization language and toolkit.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
