Files in this item

FilesDescriptionFormat

application/pdf

application/pdfDistributed Enf ... eyond the Chinese Wall.pdf (269kB)
(no description provided)PDF

Description

Title:Distributed Enforcement of Unlinkability Policies: Looking Beyond the Chinese Wall
Author(s):Kapadia, Apu C.; Naldurg, Prasad G.; Campbell, Roy H.
Subject(s):computer science
Abstract:This paper presents an access control model that preserves the unlinkability of audit-logs in a distributed environment. The model restricts entities from accessing and correlating two or more audit-records belonging to different service invocations created by the same user. While the traditional Chinese Wall (CW) model is sufficient to enforce this type of unlinkability, in distributed environments CW is inefficient because the simple security condition semantics requires knowledge of a user's access history. Our model allows specifications that are simple and efficient to enforce in a decentralized manner without the need for an access history. The proposed enforcement architecture allows users to negotiate unlinkability policies with the system. The system attaches automatically generated policy constraints to the audit-records. When these constraints are enforced appropriately, they implement unlinkability policies that are provably secure and precise for a fixed protection state. The model extends to a versioning scheme that adapts to evolving protection state, trading off precision to maintain the security of deployed policies.
Issue Date:2006-02
Genre:Technical Report
Type:Text
URI:http://hdl.handle.net/2142/11163
Other Identifier(s):UIUCDCS-R-2006-2689
Rights Information:You are granted permission for the non-commercial reproduction, distribution, display, and performance of this technical report in any format, BUT this permission is only for a period of 45 (forty-five) days from the most recent time that you verified that this technical report is still available from the University of Illinois at Urbana-Champaign Computer Science Department under terms that include this permission. All other rights are reserved by the author(s).
Date Available in IDEALS:2009-04-20


This item appears in the following Collection(s)

Item Statistics