Title :
Conflicts analysis and resolution for access control policies
Author :
Wang, Yigong ; Zhang, Hongqi ; Dai, Xiangdong ; Liu, Jiang
Author_Institution :
Henan Key Lab. of Inf. Security, Zhengzhou Inf. Sci. & Technol. Inst., Zhengzhou, China
Abstract :
Access control is the central mechanism for achieving security requirements in information systems. The guarantee of the security requirements, described by access control policies (ACPs), cannot be obtained when there exist conflicts in ACPs. In this paper, we propose an improved access control model that is flexible and effective for conflict analysis of ACPs. We analyze three types of policy conflicts in this model, which are modality conflict, redundancy conflict and potential conflict, and then the respective resolution methods are proposed. Finally, we prove that these methods can effectively resolve conflicts in ACPs, and that after resolving the potential conflicts, the policies cannot derive any actual conflict.
Keywords :
authorisation; information systems; ACP; access control model; access control policy; central mechanism; conflict resolution; conflicts analysis; information systems; modality conflict; potential conflict; redundancy conflict; security requirements; Analytical models; Authorization; Computer architecture; Information systems; Redundancy; access control policy; conflict analysis; conflict resolution; policy conflict;
Conference_Titel :
Information Theory and Information Security (ICITIS), 2010 IEEE International Conference on
Conference_Location :
Beijing
Print_ISBN :
978-1-4244-6942-0
DOI :
10.1109/ICITIS.2010.5689459
