Integrated constraints and inheritance in DTAC

Jonathon E. Tidswell, Trent Jaeger

Research output: Contribution to conferencePaperpeer-review

16 Scopus citations


Inheritance and constraints are two common techniques for safely managing the complexity of large access control configurations. Inheritance is used to help factor the model, while constraints are used to help ensure that the complexity will not result in an unsafe configuration arising in the future evolution of the system. In this paper we develop an integrated mathematical approach to defining both inheritance and constraints in the dynamically typed access control (DTAC) model. In the process we identify several useful relationships among DTAC objects. The combination of DTAC and our new relationships allow us to graphically construct a greater variety and complexity of efficiently verifiable separation of duty constraints than any other model we are aware of.

Original languageEnglish (US)
Number of pages10
StatePublished - 2000
Event5th ACM Workshop on Role-Based Access Control (RBAC) - Berlin, Ger
Duration: Jul 26 2000Jul 27 2000


Conference5th ACM Workshop on Role-Based Access Control (RBAC)
CityBerlin, Ger

All Science Journal Classification (ASJC) codes

  • General Computer Science


Dive into the research topics of 'Integrated constraints and inheritance in DTAC'. Together they form a unique fingerprint.

Cite this