Beyond the pale of MAC and DAC-defining new forms of access control
- 1 January 1990
- conference paper
- Published by Institute of Electrical and Electronics Engineers (IEEE)
- p. 190-200
- https://doi.org/10.1109/risp.1990.63850
Abstract
Examples of DoD/intelligence data protection requirements are described that cannot be handled through traditional mandatory (MAC) or discretionary (DAC) access controls, and two new forms of access controls to respond to these problems are proposed. First, a user attribute-based access control for enforcement of dissemination controls is introduced. Second, a type of access control known as owner-retained access control is described, to provide a privilege-based form of access control that, unlike DAC, prevents access to data being extended to others without the owner's concurrence. For both types of controls, the access control rules to be enforced and the implications of providing automated enforcement of these controls are discussed. The two forms of control are compared, and an informal model is presented that provides a common framework for representing both. In conclusion, the benefits and drawbacks of this approach are discussed, and some areas for future work are identified.
This publication has 2 references indexed in Scilit:
- The Chinese Wall security policy. Published by Institute of Electrical and Electronics Engineers (IEEE), 2003
- Exploiting the Dual Nature of Sensitivity Labels. Published by Institute of Electrical and Electronics Engineers (IEEE), 1987