Presentation is loading. Please wait.

Presentation is loading. Please wait.

© 2004 Ravi Sandhu www.list.gmu.edu Safety in Access Control Take-Grant (best viewed in slide-show mode) Ravi Sandhu Laboratory for Information Security.

Similar presentations


Presentation on theme: "© 2004 Ravi Sandhu www.list.gmu.edu Safety in Access Control Take-Grant (best viewed in slide-show mode) Ravi Sandhu Laboratory for Information Security."— Presentation transcript:

1 © 2004 Ravi Sandhu www.list.gmu.edu Safety in Access Control Take-Grant (best viewed in slide-show mode) Ravi Sandhu Laboratory for Information Security Technology George Mason University www.list.gmu.edu sandhu@gmu.edu

2 © 2004 Ravi Sandhu www.list.gmu.edu 2 The Take-Grant Model (late 70s, early 80s) A A/t B t (a) A/t Є dom(B) B/g AB g (b) B/g Є dom(A) Original graph representation, late 70s

3 © 2004 Ravi Sandhu www.list.gmu.edu 3 The Take-Grant Model (late 70s, early 80s) A A/t B t (a) A/t Є dom(B) B/g AB g (b) B/g Є dom(A) Lockman-Minsky representation, 1982

4 © 2004 Ravi Sandhu www.list.gmu.edu 4 Creation in Take-Grant A/tg A A tg (a) The Original View A/tg A A tg (b) The Lockman-Minsky View

5 © 2004 Ravi Sandhu www.list.gmu.edu 5 Reversal of Take-Grant Flow: case t A A/t B t A tg g t A/tg A/t A/tg

6 © 2004 Ravi Sandhu www.list.gmu.edu 6 Reversal of Take-Grant Flow: case g B/g AB g A tg g t A/tg

7 © 2004 Ravi Sandhu www.list.gmu.edu 7 Reversal of Grant-Only Flow B/g AB g A/g A gg g g B/g A/g B/g A/g

8 © 2004 Ravi Sandhu www.list.gmu.edu 8 Non-Reversal of Take-Only Flow A A/t B t A tt t

9 © 2004 Ravi Sandhu www.list.gmu.edu 9 Shortening of Take-Only Flows A A/t B t B/t C t A/t

10 © 2004 Ravi Sandhu www.list.gmu.edu 10 Summary Take-Grant, Grant only Disconnected islands of completely connected subjects with total sharing of rights within each island and no sharing across islands Take-only Original topology of flows is preserved, but existing paths can be shortened to a direct edge Send-receive Requires send and receive rights Similar to take-only in preserving original topology of flows, but existing paths cannot always be shortened to a single edge

11 © 2004 Ravi Sandhu www.list.gmu.edu 11 Exercise Express take-grant, grant-only, take-only and send-receive in the HRU model Are these constructions Mono-conditional Bi-conditional Mono-operational


Download ppt "© 2004 Ravi Sandhu www.list.gmu.edu Safety in Access Control Take-Grant (best viewed in slide-show mode) Ravi Sandhu Laboratory for Information Security."

Similar presentations


Ads by Google