next up previous
Next: Introduction

The Role Compatibility Security Model

Paper for the Nordic Workshop on Secure IT Systems (NordSec) 2002

Amon Ott

Email:, WWW:

November 11, 2002


This paper presents the ``Role Compatibility'' access control model. It has been specially designed to address recent vulnerabilities in network servers by confining compromised services and protecting the base of the system. Furthermore, while being powerful and flexible when needed, it remains fast and easy to use for simple setups.

The model design goals, its specification and implementation outline are presented, followed by a brief comparison to the RBAC and the DTE model. Finally, a Webserver example shows how the model can be used to protect real server systems.

Keywords: Security Model, Access Control, Internet Server, Linux

Amon Ott