Felkner, A
Conventional access control models, like Mandatory Access Control (MAC), Discretionary Access Control (DAC) and Role-based Access Control (RBAC) are suitable for regulating access to resources by recognized users. Unfortunately, these models have often been inadequate for decentralized and open systems where the identity of the users is not known and users are changing constantly. To overcome the shortcomings of conventional access control models, like MAC, DAC and RBAC, credential - based access control has been proposed. Credential - based systems implement a notion of binary (all or nothing) trust. The credential provides information about the keys, rights and qualifications by one or more trusted authorities. However, due to the monotonicity requirement, these models will be more appropriate for theoretical analysis than for real use. Credential - based access control models (PolicyMaker, KeyNote) and credential – based access control integrated with role-based access control models (family of Role-based Trustmanagement languages) will be described.