|
|
|
Meadows [689] discusses moving the Chinese Wall into a multilevel security context. Lin [631] challenges an assumption of the model, leading to a different formulation.
Very little has been written about policy models that are useful for policies in specific fields other than government. Anderson's clinical model is an excellent example of such a policy model, as is the Chinese Wall. Foley and Jacob discuss computer-supported collaborative working confidentiality policies in the guise of specification [364]. Wiemer and Murray discuss policy models in the context of sharing information with foreign governments [1044].
McCollum, Messing, and Notargiacomo [670] have suggested an interesting variation of ORCON, called "Owner-Retained Access Control." Unlike ORCON, this model keeps a list of the originators and owners. Like ORCON, the intersection of all sets controls access. Chandramouli [178] provides a framework for implementing many access control policies in CORBA and discusses an RBAC policy as an example. He also presents a little language for describing policies of interest.
|
|
|
| Top |