Design and implementation of discretionary access control policy with time character on Linux
带时间特性的自主访问控制政策及其在Linux上的设计与实现

Discretionary Access Control (DAC) policy is an access control based on ownership relations between subject and object. The subject can discretionarily decide that who, by which means, can access his owned objects. Regarding the system time as a basic security element, DAC_T (Discretionary Access Control Policy with Time Character) was proposed and formalized. DAC_T resolves the problem that the subject can discretionarily decide that who and when can access his owned objects. Finally, DAC_T was implemented on Linux, and a demo was obtained. It is proved that the demo can help subject realize the time constraint on object.