A prioritized-based approach to handling conflicts in access control

Author

Benferhat, Salem ; El Baida, Rania

Author_Institution

Univ. d´´Artois, Lens, France

fYear

2004

fDate

15-17 Nov. 2004

Firstpage

286

Lastpage

293

Abstract

Modeling information security policies is an important problem in many domains. Recently, a new access control system, called OrBAC (organization-based access control) has been proposed. This model brings many solutions to the existing access control systems. However, it does not deal with conflicts due to the joint handling of permission and prohibition policies. This work deals with the problem of handling conflicts in the OrBAC system, modeled by first order logic knowledge bases. We show that the "blind" application of propositional approaches to inconsistent first order knowledge bases can lead to undesirable conclusions. A solution based on weakening first order formulas responsible of conflicts is proposed.

Keywords

authorisation; entity-relationship modelling; formal logic; information systems; knowledge based systems; nonmonotonic reasoning; OrBAC system; access control conflicts handling; access control system; first order formula; first order logic knowledge bases; information security policy modeling; organization-based access control; prioritized-based approach; Access control; Artificial intelligence; Control systems; Data security; Information security; Lenses; Logic; Management information systems; Permission; Proposals;

fLanguage

English

Publisher

ieee

Conference_Titel

Tools with Artificial Intelligence, 2004. ICTAI 2004. 16th IEEE International Conference on

ISSN

1082-3409

Print_ISBN

0-7695-2236-X

Type

conf

DOI

10.1109/ICTAI.2004.14

Filename

1374200