An Extensible Intra Access Control Policy Conflict Detection Algorithm

Author

Wu Bei ; Chen Xing-yuan ; Zhang Yong-fui ; Dai Xiang-dong

Author_Institution

Inst. of Electron. Technol., Inf. Eng. Univ., Zhengzhou, China

Volume

1

fYear

2009

fDate

11-14 Dec. 2009

Firstpage

483

Lastpage

488

Abstract

Access control policy is a set of rules, which control and constraint the communication and access between all kinds of entities. Policy conflict is one of the outstanding issues related to policy management. Nevertheless current access control policy conflict detection algorithms are completely dependent on policy specification and the applications, which make these algorithms non-reusable and non-extensible. To resolve this problem, we separate the algorithm from concrete policy specification and apply a group of matrixes to define the relationship between all access control rules and all kinds of access control policy conflicts. Finally we develop an extensible intra-access control policy conflict detection algorithm that is independent of application domain to which the policies relate. The experimental result shows that the algorithm offers similar detection efficiency comparable to conventional detection algorithm.

Keywords

authorisation; matrix algebra; extensible intra-access control policy conflict detection; matrix group; policy management; policy specification; Access control; Authorization; Communication system control; Detection algorithms; Filtering; Filters; Logic programming; Packaging; Permission; Security; access control policy; extensible; intra-policy conflict detection; matrix group; reusable;

fLanguage

English

Publisher

ieee

Conference_Titel

Computational Intelligence and Security, 2009. CIS '09. International Conference on

Conference_Location

Beijing

Print_ISBN

978-1-4244-5411-2

Type

conf

DOI

10.1109/CIS.2009.248

Filename

5376460