A Linux Implementation of Temporal Access Controls

Abstract

Control of access to information based upon temporal attributes can add another dimension to access control. To demonstrate the feasibility of operating system-level support for temporal access controls, the Time Interval File Protection System (TIFPS), a prototype of the Time Interval Access Control (TIAC) model, has been implemented by modifying Linux extended attributes to include temporal metadata associated both with files and users. The Linux Security Module was used to provide hooks for temporal access control logic. In addition, a set of utilities was modified to be TIFPS-aware. These tools permit users to view and manage the temporal attributes associated with their files and directories. Functional, performance, and concurrency testing were conducted. The ability of TIFPS to grant or revoke access in the future, as well to limit access to specific time intervals enhances traditional information control and sharing.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Jun 01, 2007
Accession Number
ADA484279

Entities

People

  • Cynthia E. Irvine
  • Ken Chiang
  • Thuy D. Nguyen

Organizations

  • Naval Postgraduate School

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Computer Access Control
  • Computer Programs
  • Computer Science
  • Control Systems
  • Directories
  • Entry Control Systems
  • Information Assurance
  • Intervals
  • Metadata
  • Models
  • Multithreading
  • Operating Systems
  • Performance Tests
  • Prototypes
  • Security
  • Time Intervals
  • United States Military Academy

Fields of Study

  • Computer science

Readers

  • Adaptive Control and Estimation with Uncertainty in Dynamic Systems.
  • Database Systems and Applications