000000096 001__ 96
000000096 005__ 20130522141951.0
000000096 037__ $$aLERSSE-PRESENTATION-2006-050
000000096 100__ $$aKonstantin Beznosov
000000096 245__ $$aSecondary and Approximate Authorization Model (SAAM) and its Application to Bell-LaPadula Policies
000000096 260__ $$c2006-02-14
000000096 520__ $$aThe talk defines the secondary and approximate authorization model (SAAM). In SAAM, approximate authorization responses are inferred from cached primary responses, and therefore provide an alternative source of access control decisions in the event that the authorization server is unavailable or slow. The ability to compute approximate authorizations improves the reliability and performance of access control sub-systems and ultimately the application systems themselves. The operation of a system that employs SAAM depends on the type of access control policy it implements. We propose and analyze algorithms for computing secondary authorizations in the case of policies based on the Bell-LaPadula model. In this context, we define a dominance graph, and describe its construction and usage for generating secondary responses to authorization requests. Preliminary results of evaluating SAAM-BLP algorithms demonstrate a 15% increase in the number of authorization requests that can be served without consulting access control policies. 
000000096 6531_ $$aSAAM
000000096 6531_ $$aJAMES
000000096 6531_ $$aaccess control
000000096 6531_ $$aBell-LaPadulla
000000096 6531_ $$aBLP 
000000096 8560_ $$fqiangw@ece.ubc.ca
000000096 8564_ $$uhttp://lersse-dl.ece.ubc.ca/record/96/files/96.pdf$$yTransfer from CDS 0.99.7
000000096 909C4 $$pAuthorization Model (SAAM) and its Application to Bell-LaPadula Policies," Los
	Angeles, Information Sciences Institute, 6 February, 2006, pp.35. 
000000096 980__ $$aPRESENTATION