Abstract
M.Com. (Computer Science)
The area covered in this study is that of logical security models. A
logical security model refers to the formal representation of a
security policy which allows the subsequent movement of rights
between subjects and objects in a system.
The best way to illustrate the goal of this study, is with the
following abstract from the submitted article, which originated from
this study.
'The original protection graph rewriting grammar used
to simulate the different operations of the Take/Grant model
is reviewed. The productions of the PGR-grammar is then
expanded, by adding a new context which is based on the
different security classes found in the Bell Grid LaPadula
model [14].'
The first goal of this study was to take the Take/Grant security
-model and expand it. This expansion included the concept of assigning
a different security class to each subject and object in the model.
This concept was derived from the Bell and LaPadula model as
discussed in chapter 2 of this study.
The next goal that was defined, was to expand the PGR-grammar of
[28], so that it would also be able to simulate .the operations of
this expanded Take/Grant model. The .PGR-grammar consisted of
different permitting and forbidding node and edge contexts. This
PGR-grammar was expanded by adding an additional context to the
formal representation. This expansion is explained in detail in
chapter 5 of this study.
The third goal was to take the expansions, mentioned above, and
implement them in a computer system. This computer system had to make
use of an expert. system in order to reach certain conclusions. Each
of the operations of the Take/Grant model must be evaluated, to
determine whether that rule can be applied or not. The use of the
expert system is explained in chapters 6 and 7 of this study.
This study consists out of eight chapters in the following order.
Chapter 2 starts of with an introduction of some of the most
important logical security models. This chapter gives the reader
background knowledge of the different models available, which is
essential for the rest of the study. This chapter, however, does not
discuss the Take/Grant model in detail.
This is done in chapter 3 of the study. In this chapter the
Take Grant model is discussed as a major input to this study. The
Send Receive model is also discussed as a variation of the Take/Grant
model. In the last section of the chapter a comparison is drawn
between these two models.
Chapter 4 formalizes the Take/Grant model. The protection graph
rewriting grammar (PGR-grammar), which is used to simulate the
different operations of the Take/Grant model, is introduced...