Scalable Access Controls for Lineage

Abstract

Lineage stores often contain sensitive information that needs protection from unauthorized access. We build on prior work for security and privacy of lineage information, focusing on complex conditions and scalable administration. We use Attribute-Based Access Control (ABAC) to express conditions based on many attributes, instead of roles. We then make administration and management more scalable, instead of managing large, monolithic access predicates for each object. To do so, we first support modular traceability and maintainability for separate concerns (e.g. security, legally mandated privacy, organizationally mandated privacy). We then provide constructs to manage authority when multiple administrators must collaborate. We show that these security techniques are needed for easy lineage security administration.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Jan 01, 2009
Accession Number
AD1107173

Entities

People

  • Adriane Chapman
  • Arnon Rosenthal
  • Barbara Blaustein
  • Len Seligman

Organizations

  • MITRE Corporation

Tags

Communities of Interest

  • Biomedical
  • Materials and Manufacturing Processes

DTIC Thesaurus Topics

  • Agreements
  • Biological Sciences
  • Biomedical Research
  • Case Studies
  • Computations
  • Computer Access Control
  • Computer Science
  • Control Systems
  • Data Management
  • Databases
  • Engineering
  • Entry Control Systems
  • Environment
  • Gap Analysis
  • Health Services
  • Information Systems
  • Language
  • Models
  • National Security
  • Project Management
  • Security
  • Standards
  • Web Service

Fields of Study

  • Computer science

Readers

  • Criminal Law
  • Strategic Security Studies
  • Systems Analysis and Design