A Linux Implementation of Temporal Access Controls
Authors
Chiang, Ken
Nguyen, Thuy D.
Irvine, Cynthia E.
Advisors
Second Readers
Subjects
Date of Issue
2007-06-01
Date
Publisher
IEEE
Language
Abstract
Control of access to information based upon temporal attributes can add another dimension to access control. To demonstrate the feasibility of operating system level support for temporal access controls, the Time Interval File Protection System (TIFPS), a prototype of the Time Interval Access Control (TIAC) model, has been implemented by modifying Linux extended attributes to include temporal metadata associated both with files and users. The Linux Security Module was used to provide hooks for temporal access control logic. In addition, a set of utilities was modified to be TIFPS-aware. These tools permit users to view and manage the temporal attributes associated with their files and directories. Functional, performance, and concurrency testing were conducted. The ability of TIFPS to grant or revoke access in the future, as well to limit access to specific time intervals enhances traditional information control and sharing.
Type
Article
Description
Series/Report No
Department
Identifiers
NPS Report Number
Sponsors
Funding
Format
Citation
Proceedings 8th IEEE Systems, Man, and Cybernetics Information Assurance Workshop, West Point, NY, June 2007, pp. 309-316.
Distribution Statement
Approved for public release; distribution is unlimited.
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.