Capabilities are a more scalable and adaptive access control approach compared with the conventional approaches such as ACLs, due to their being held and managed by users or agents in systems, but not the middleware. This feature makes capabilities more suitable in distributed environments that have unstable populations. However capabilities have a simple structure that only supports independent and unbounded access rights, and this shows their weakness in complex cases. Treaties have been proposed to enhance the capability approach by introducing sequences of actions. In this way, treaties can capture characteristics of behaviours, and provide finer control over accesses. Treaties are also designed to be refinable by users, using the functionality provided by specific treaty operations. In this paper we introduce the concept of treaties and operations in more detail, proving that specific treaty operations maintain behavioural integrity.
|Title of host publication
|International Conference on Control Engineering and Communication Technology (ICCECT), 2012
|Number of pages
|Published - 2012