© 2004 Ravi Sandhu The Typed Access Matrix Model (TAM) and Augmented TAM (ATAM) Ravi Sandhu...

The Typed Access Matrix Model (TAM) and Augmented TAM (ATAM)

Ravi SandhuLaboratory for Information Security Technology

George Mason Universitywww.list.gmu.edusandhu@gmu.edu

Outline

• TAM: Typed Access Matrix Model• TAM adds types to HRU and preserves strong safety

results of SPM/ESPM• SO-TAM: Single Object TAM

• SO-TAM manipulates one column of the access matrix at a time and is equivalent to TAM

• ATAM: Augmented TAM• ATAM adds testing for absence of rights to TAM• ATAM is equivalent to TAM in one sense but more

expressive in another

TAM adds types to HRU

TAM commands

TAM primitive operations

TAM operations: enter and delete

TAM operations: create and destroy

ORCON in TAM

MTAM: Monotonic TAM

MTAM Canonical Schemes

ORCON as a MTAM Canonical Scheme

Acyclic TAM schemes

Acyclic TAM unfolded state

Acyclic MTAM unfolded state

Acyclic MTAM safety

Ternary MTAM

Binary and Unary MTAM

• Unary MTAM• Useless

• Binary MTAM• Single-parent creation or spontaneous double-

child creation• Less expressive than multi-parent creation

SOTAM: single object TAM

• SOTAM is equivalent in expressive power to TAM

ATAM: Augmented TAM

• Allow testing for absence of rights in the conditions of commands

• ATAM is equivalent in expressive power to TAM in unbounded simulation but most likely not in bounded simulation• “Most likely not” has recently been shown to be

“provably cannot”

© 2004 Ravi Sandhu The Typed Access Matrix Model (TAM) and Augmented TAM (ATAM) Ravi Sandhu...

Documents

Rethinking Password Strategies Ravi Sandhu Chief Scientist sandhu@nsdsecurity 703 283 3484

Security Cloud: Cloud Trust Brokers · Security and the Cloud: Cloud Trust Brokers Ravi Sandhu Ravi Ganesan* Founder, SafeMashups +1.415.680.5746 ravi@safemashups com ravi@findravi

ISA 662 IKE Key management for IPSEC Prof. Ravi Sandhu

Role-Based Access Control on the Web - Ravi Sandhu

Asymmetric Digital Signatures And Key Exchange Prof. Ravi Sandhu

SSL Trust Pitfalls Prof. Ravi Sandhu. 2 © Ravi Sandhu 2002 THE CERTIFICATE TRIANGLE user attributepublic-key X.509 identity certificate X.509 attribute

© 2005 Ravi Sandhu Administrative Scope (best viewed in slide show mode) Ravi Sandhu Laboratory for Information Security Technology George

How to do Discretionary Access Control Using Roles Ravi Sandhu Qamar Munawer

The ASCAA * Principles Applied to Usage Control Prof. Ravi Sandhu

1 TOPIC LATTICE-BASED ACCESS-CONTROL MODELS Ravi Sandhu

© 2005 Ravi Sandhu Permissions and Inheritance (best viewed in slide show mode) Ravi Sandhu Laboratory for Information Security Technology

© 2006 Ravi Sandhu Secure Information Sharing Enabled by Trusted Computing and PEI * Models Ravi Sandhu (George Mason University and TriCipher)

Authentication: the problem that will not go away Prof. Ravi Sandhu Chief Scientist sandhu@tricipher.com 703 283 3484 Protecting Online Identity

© 2004 Ravi Sandhu Cyber-Identity, Authority and Trust in an Uncertain World Prof. Ravi Sandhu Laboratory for Information Security Technology

© Ravi Sandhu The Secure Information Sharing Problem and Solution Approaches Ravi Sandhu Executive Director and Endowed Chair Institute

© 2005 Ravi Sandhu Role Usage and Activation Hierarchies (best viewed in slide show mode) Ravi Sandhu Laboratory for Information Security

1 The Future of Cyber Security Prof. Ravi Sandhu Executive Director February 2010 ravi.sandhu@utsa.edu © Ravi Sandhu

Role Activation Hierarchies Ravi Sandhu George Mason University

1 Rethinking Password Strategies Ravi Sandhu Chief Scientist sandhu@nsdsecurity.com 703 283 3484 sandhu@nsdsecurity.com

1 Virtualization Prof. Ravi Sandhu Executive Director and Endowed Chair February 7, 2014 ravi.sandhu@utsa.edu © Ravi Sandhu World-Leading