Title :
Semantic web technologies to aid dominance detection for access control policies
Author :
Barron, Jonathan ; Davy, Steven
Author_Institution :
Telecommun. Software & Syst. Group, Waterford Inst. of Technol., Waterford, Ireland
Abstract :
We present a dominance detection algorithm as part of a policy authoring process that makes extensive use of semantic models to perform a novel dominance detection of access control policies, where groups of deployed policies are considered in unison to discover redundancy. The approach is targeted towards the pre-deployment stage of the policy authoring process and aims to help prevent the introduction of redundant policies into the system. To achieve this, semantic queries are executed over instances of new and deployed policy elements in order to select matching elements for further analysis. The semantic queries may return a large number of deployed policy elements so we present an algorithm that prunes the search space to reduce the problem size. We show that for large sets of deployed policies, we can discover relatively large sets that are considered dominant.
Keywords :
authorisation; query processing; redundancy; semantic Web; access control policies; dominance detection algorithm; matching element selection; policy authoring process predeployment stage; problem size reduction; redundant policies; search space; semantic Web technologies; semantic models; semantic query execution; Access control; Algorithm design and analysis; Computational modeling; Ontologies; Optimization; Redundancy; Semantics;
Conference_Titel :
Integrated Network Management (IM 2013), 2013 IFIP/IEEE International Symposium on
Conference_Location :
Ghent
Print_ISBN :
978-1-4673-5229-1
