Title :
READ -- A Resolution and Abduction Based Approach for Policy Comparison in Organizational Collaboration
Author_Institution :
Heidelberg Inst. for Theor. Studies (HITS), Heidelberg, Germany
Abstract :
The policy compliance problem is one of the categories of inconsistency problems existing between access control policies. One of the ways to cope with it is called policy comparison. In this paper we develop and use our approach to perform policy comparison, i.e. when newly specified access control policies for the resources are provided to be compared with certain original policy, we are able to ensure that the noncompliance problem between these newly specified policies and the original policies on the resources will be found. In this paper we propose the READ (Resolution and Abduction based) algorithm to be an approach of finding policy noncompliance. Our approach is based on the resolution and abduction work for Data log rules, and the evaluation of compliance is performed through set implication by Satisfiability Modulo Theories (SMT) Z3 prover. We will illustrate the implementation of READ algorithm with two examples from existing work and one example based on role based access control model.
Keywords :
DATALOG; authorisation; computability; Datalog rules; READ algorithm; SMT Z3 prover; access control policy; compliance evaluation; inconsistency problem; organizational collaboration; policy comparison; policy compliance problem; policy noncompliance problem; resolution and abduction based approach; role based access control model; satisfiability modulo theories; abduction; access control; collaboration; policy comparison; resolution;
Conference_Titel :
BioMedical Computing (BioMedCom), 2012 ASE/IEEE International Conference on
Conference_Location :
Washington, DC
Print_ISBN :
978-1-4673-5495-0
DOI :
10.1109/BioMedCom.2012.24
