Implementation of a discretionary access control model for script-based systems

CC
CSFW
1995
The Eighth IEEE Computer Security Foundations Workshop (CSFW '95)
Abstract - Implementation of a discretionary access control model for script-based systems

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by T. Jaeger Articles by A. Prakash

The Eighth IEEE Computer Security Foundations Workshop (CSFW '95)

Kenmare, County Kerry, Ireland

March 13-March 15

ISBN: 0-8186-7033-9

	ASCII Text	x
	T. Jaeger, A. Prakash, "Implementation of a discretionary access control model for script-based systems," Computer Security Foundations Workshop, IEEE, pp. 70, The Eighth IEEE Computer Security Foundations Workshop (CSFW '95), 1995.

	BibTex	x
	@article{ 10.1109/CSFW.1995.518554, author = {T. Jaeger and A. Prakash}, title = {Implementation of a discretionary access control model for script-based systems}, journal ={Computer Security Foundations Workshop, IEEE}, volume = {0}, year = {1995}, issn = {1063-6900}, pages = {70}, doi = {http://doi.ieeecomputersociety.org/10.1109/CSFW.1995.518554}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Computer Security Foundations Workshop, IEEE TI - Implementation of a discretionary access control model for script-based systems SN - 1063-6900 SP EP A1 - T. Jaeger, A1 - A. Prakash, PY - 1995 KW - authorisation; security of data; discretionary access control model; script-based systems; Mosaic; World-wide Web browsing tool; unauthorized access; prototype system VL - 0 JA - Computer Security Foundations Workshop, IEEE ER -

T. Jaeger, Dept. of Electr. Eng. & Comput. Sci., Michigan Univ., Ann Arbor, MI, USA

A. Prakash, Dept. of Electr. Eng. & Comput. Sci., Michigan Univ., Ann Arbor, MI, USA

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/CSFW.1995.518554

Powerful applications can be implemented using command scripts. A command script is a program written by one user, called a writer, and made available to another user, called the reader, who executes the script. For instance, command scripts could be used by Mosaic, the popular World-wide Web browsing tool, to provide fancy interfaces to services, such as banking, shopping, etc. However, the use of command scripts presents a serious security problem. A command script is run with the reader's access rights, so a writer can use a command script to gain unauthorized access to the reader's data and applications. Existing solutions to the problem either severely restrict I/O capability of scripts, limiting the range of applications that can be supported, or permit all I/O to scripts, potentially compromising the security of the reader's data. We define a discretionary access control model that permits users to flexibly limit the access rights of the processes that execute a command script. We use this model in a prototype system that safely executes command scripts available from Mosaic.

Index Terms:

authorisation; security of data; discretionary access control model; script-based systems; Mosaic; World-wide Web browsing tool; unauthorized access; prototype system

Citation:

T. Jaeger, A. Prakash, "Implementation of a discretionary access control model for script-based systems," csfw, pp.70, The Eighth IEEE Computer Security Foundations Workshop (CSFW '95), 1995

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.