Title :
An Extensible Intra Access Control Policy Conflict Detection Algorithm
Author :
Wu Bei ; Chen Xing-yuan ; Zhang Yong-fui ; Dai Xiang-dong
Author_Institution :
Inst. of Electron. Technol., Inf. Eng. Univ., Zhengzhou, China
Abstract :
Access control policy is a set of rules, which control and constraint the communication and access between all kinds of entities. Policy conflict is one of the outstanding issues related to policy management. Nevertheless current access control policy conflict detection algorithms are completely dependent on policy specification and the applications, which make these algorithms non-reusable and non-extensible. To resolve this problem, we separate the algorithm from concrete policy specification and apply a group of matrixes to define the relationship between all access control rules and all kinds of access control policy conflicts. Finally we develop an extensible intra-access control policy conflict detection algorithm that is independent of application domain to which the policies relate. The experimental result shows that the algorithm offers similar detection efficiency comparable to conventional detection algorithm.
Keywords :
authorisation; matrix algebra; extensible intra-access control policy conflict detection; matrix group; policy management; policy specification; Access control; Authorization; Communication system control; Detection algorithms; Filtering; Filters; Logic programming; Packaging; Permission; Security; access control policy; extensible; intra-policy conflict detection; matrix group; reusable;
Conference_Titel :
Computational Intelligence and Security, 2009. CIS '09. International Conference on
Conference_Location :
Beijing
Print_ISBN :
978-1-4244-5411-2
DOI :
10.1109/CIS.2009.248
