Conflict Detection Model of Access Control Policy in Collaborative Environment

Cross-domain interoperation based on role-mapping increasingly becomes a representative research field of collaborative environment. However, in this collaborative environment, there would still be more permission or less than the role of role-mapping policy required when authorization, this situation can not be completely avoided. This disaccord will result in conflict of access control policies (ACPs) in collaborative domains, and ultimately lead to unauthorized access to resources in autonomy domains. A new method is presented to detect the conflict between access control policies in collaborative environment automatically. The ACPs conflict detection model (ACPCDM) is established, the termination of ACPCDM is proved by the putdown automation, and the prototype system is implemented. At last, we validate the validity of this method with experiments, the result of the experiments shows that the analysis report of conflict can not only detect if there is conflict, but also figure out the conflict type, the causes and location of the conflict. So it is much easier for administer in each domain to resolve the conflict.