Data and Applications Security Developments and DirectionsReferencesProblem #1Problem #2Problem #3Data and Applications Security Developments and DirectionsDr. Bhavani ThuraisinghamThe University of Texas at DallasAssignment #1 on Access Control and PoliciesSeptember 14, 2011Due Date: September 28, 2011ReferencesLecture NotesText Book for ClassAdditional Papers-RBAC: Ravi S. Sandhu, Edward J. Coyne, Hal L. Feinstein, Charles E. Youman: Role-Based Access Control Models. IEEE Computer 29(2): 38-47 (1996) -UCON: Jaehong Park, Ravi S. Sandhu: The UCONABC usage control model. ACM Trans. Inf. Syst. Secur. 7(1): 128-174 (2004) -http://delivery.acm.org/10.1145/510000/507722/p57-park.pdf?key1=507722&key2=2341065321&coll=ACM&dl=ACM&CFID=23616711&CFTOKEN=10325487-DCON: Roshan K. Thomas, Ravi S. Sandhu: Towards a Multi-dimensional Characterization of Dissemination Control. POLICY 2004: 197-200 (IEEE)Problem #1Consider an example application (e.g., from healthcare, defense, financial)Specify some meaningful policies for this application that address confidentiality, privacy and trustProblem #2Consider an example application where there is a need for organizations to share data-Example: Defense: Army, Navy, Air Force-Healthcare: Doctor, Hospital, Insurance companyGive meaningful security policies illustrating the need for organizations share data and yet having to enforce the policies-Policies may include confidentiality, privacy and trustProblem #3Read the papers on RBAC, UCON and DCON listed in this unitFor an example application (or applications) specify policies for RBAC, UCON and
View Full Document