Title :
A Novelty Approach for Checking Consistency of Security Policy
Author :
Changhua, Liu ; Yaqin, Li ; Zhensong, Liao
Author_Institution :
Dept. of Comput. & Inf. Eng., Wuhan Polytech. Univ., Wuhan, China
Abstract :
Trust negotiation (TN) is an approach to establishing trust relationship between strangers by disclosing iteratively credentials and access control policies. In open and distributed environment, while TN brings convenience in resource sharing, it still has some shortcomings, such as easy to fail in negotiation, difficult to track users´ deed and so on. In ATN, access control policy plays a key role in protecting resources from unauthorized access. In practice, a policy may contain sensitive information, and its disclosure may cause damages. In order to protect the sensitive policy or its content, the policy is usually designed complex. Even worse, the policy may be self contradictory, which would lead the negotiation to fail. To solve such a problem, a new approach for checking policy consistency is proposed in the paper. In the approach, we analyze why the policy inconsistency happens and specify how to avoid it by simplifying a compound policy. Meanwhile, the approach is proved useful to hide policy by presenting some useful theorems to generate minimal policy set and credential set.
Keywords :
authorisation; access control policies; checking consistency; credential set; distributed environment; iterative credentials; minimal policy set; open environment; resource sharing; security policy; trust negotiation; unauthorized access; Access control; Application software; Business; Computer security; Information security; Information technology; Internet; Privacy; Protection; Resource management; ATN; Hiding policy; access control policy; checking policy; policy consistency;
Conference_Titel :
Information Technology and Applications, 2009. IFITA '09. International Forum on
Conference_Location :
Chengdu
Print_ISBN :
978-0-7695-3600-2
DOI :
10.1109/IFITA.2009.205
