JS von Solms, MS Olivier and SH von Solms, "MoFAC: A Model for Fine-grained Access Control", in SK Katsikas and D Gritzalis (eds), Information Systems Security: Facing the Information Society of the 21st Century, 295-305, Chapman & Hall, 1996
Access control in Information Technology (IT) systems, also known as Authorization, is one of the cornerstones of any Information Security Policy. The granularity of such access control can be on different levels, for example on volume (disc pack) level, database level, table level, and even on individual record (or tuple) and data field level. Although very fine-grained access control, for example on record level, is often required, in most systems access control on table level is used. The reason is that the management process is significantly easier and simpler the courser the level of control becomes.
MoFAC presents a model in which access control is finer than table level, but where the increase in complexity and management stays within acceptable limits.
Authorization, Access control, Distributed systems, Role-based security
@INPROCEEDINGS(mofac,
AUTHOR={Johan S von Solms and Martin S Olivier and Sebastiaan H von
Solms},
TITLE={{M}o{FAC}: A Model for Fine-grained Access Control},
EDITOR={S K Katsikas and D Gritzalis},
BOOKTITLE={Information Systems Security: Facing the Information
Society of the 21st Century},
PAGES={295--305},
PUBLISHER={Chapman \& Hall},
YEAR={1996} )
The full text may be downloaded from http://mo.co.za/ask/mofac.pdf (PDF, 104K) (©IFIP).
Note that a username and password are required to download the full text. (Why?) Please e-mail me and I will send you a username and password.
[Publications]
[Home]
Page maintained by
Martin Olivier
Last update: February 5, 2002