A Theory Based on Security Analysis for Comparing the Expressive Power of Access Control Models
Mahesh V. Tripunitara
Tech report number
CERIAS TR 2005-83
We present a theory for comparing the expressive power of access control models. Our theory is based on reductions that preserve the results of security analysis. Security analysis is an approach to the verification of security policies in access control systems. We demonstrate the effectiveness of the theory by applying it in several cases. Also, we present related results on safety analysis in Discretionary Access Control (DAC) and security analysis in Role-Based Access Control (RBAC).
access control, expressive power, security analysis