Grouping of users for authorization purposes is an important problem from a practical point of view, since it can have a significant effect on the efficiency and ease of use (and therefore on the degree of security) of a computer security system. This clearly written paper describes an interesting way to define user groups so that
resources can be isolated for different users;
resources can be shared by different users;
use of resources can be conveniently supervised;
one can determine efficiently if a group is included in another group; and
it is possible to reduce the number of explicit access decisions that have to be made by users.
The proposed grouping is based on data structures called ntrees, which are subsets of the partial orders of dimension 2. By restricting their dimension to two, the theory of these structures is made rather simple, but they are still powerful enough to describe important practical situations. More specifically, ntrees are partial orders made of forests of mutually disjoint rooted trees or inverted rooted trees or obtained by refining an ntree. Refining consists of developing a node into a set of nodes, which is a useful way to introduce more detail in a top-down manner; i.e., a single ordering of groups can be made more specific by splitting some of the groups and adding an order to the resulting subgroups. Refinement does not increase the dimension of ntrees. Two integers, l[g] and r[g], are assigned to each group g and represent the positions of group g in L and R, respectively (L and R denote left-to-right and right-to-left preorder traversal). Another operation is contracting a subset of an ntree. This allows the user to delete groups that are no longer needed and results in a simpler ntree. Addition of new groups to an existing ntree is also possible (and of practical value in adapting to changing conditions). A rather complex way of keeping l[g] and r[g] constant is described; it uses a place holder branch in the partial order.
The paper should be of interest to researchers in data security. System designers may also get some good ideas from it. A few more examples of applications would have been welcome. Some of the practical issues concerning grouping of users have been discussed in chapter 7 of Fernandez et al. [1]. This paper develops a theoretical foundation that should be valuable to future researchers.