CSCI 4531 Lecture Notes - Lecture 9: Macro Virus, Logic Bomb, Cybercrime
Document Summary
Can define authorizations that express conditions on properties of both the. Strength is its flexibility and expressive power. Main obstacle to its adoption in real systems has been concern about the performance impact of evaluating predicates on both resource and user properties for each access. Web services have been pioneering technologies through the introduction of the extensible access control markup language (xamcl) There is considerable interest in applying the model to cloud services. A subject is an active entity that causes information to flow among objects or changes the system state. Attributes define the identity and characteristics of the subject. An object (or resource) is a passive information system-related entity containing or receiving information. Objects have attributes that can be leverages to make access control decisions. Describe the operational, technical, and even situational environment or context in which the information access occurs. These attributes have so far been largely ignored in most access control policies.