Download
1 / 5
50 likes | 122 Views
Explore the development and application of Role-Based Access Control (RBAC), Usage Control (UCON), and Dissemination Control (DCON) models to establish robust security policies while addressing confidentiality, privacy, and trust in various sectors like healthcare, defense, and finance.
E N D
Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Assignment #1 on Access Control and Policies September 14, 2011 Due Date: September 28, 2011
References • Lecture Notes • Text Book for Class • Additional Papers • RBAC: Ravi S. Sandhu, Edward J. Coyne, Hal L. Feinstein, Charles E. Youman: Role-Based Access Control Models. IEEE Computer 29(2): 38-47 (1996) • UCON: Jaehong Park, Ravi S. Sandhu: The UCONABC usage control model. ACM Trans. Inf. Syst. Secur. 7(1): 128-174 (2004) • http://delivery.acm.org/10.1145/510000/507722/p57-park.pdf?key1=507722&key2=2341065321&coll=ACM&dl=ACM&CFID=23616711&CFTOKEN=10325487 • DCON: Roshan K. Thomas, Ravi S. Sandhu: Towards a Multi-dimensional Characterization of Dissemination Control. POLICY 2004: 197-200 (IEEE)
Problem #1 • Consider an example application (e.g., from healthcare, defense, financial) • Specify some meaningful policies for this application that address confidentiality, privacy and trust
Problem #2 • Consider an example application where there is a need for organizations to share data • Example: Defense: Army, Navy, Air Force • Healthcare: Doctor, Hospital, Insurance company • Give meaningful security policies illustrating the need for organizations share data and yet having to enforce the policies • Policies may include confidentiality, privacy and trust
Problem #3 • Read the papers on RBAC, UCON and DCON listed in this unit • For an example application (or applications) specify policies for RBAC, UCON and DCON
