Typing for Conflict Detection in Access Control Policies
نویسندگان
چکیده
In this paper we present an access control model that considers both abstract and concrete access control policies specifications. Permissions and prohibitions are expressed within this model with contextual conditions. This situation may lead to conflicts. We propose a type system that is applied to the different rules in order to check for inconsistencies. If a resource is well typed, it is guaranteed that access rules to the resource contain no conflicts.
منابع مشابه
An Effective Modality Conflict Model for Identifying Applicable Policies During Policy Evaluation
Policy evaluation is a process to determine whether a request submitted by a user satisfies the access control policies defined by an organization. Modality conflict is one of the main issues in policy evaluation. Existing modality conflict detection approaches do not consider complex condition attributes such as spatial and temporal constraints. An effective authorization propagation rule is n...
متن کاملA model for specification, composition and verification of access control policies and its application to web services
Despite significant advances in the access control domain, requirements of new computational environments like web services still raise new challenges. Lack of appropriate method for specification of access control policies (ACPs), composition, verification and analysis of them have all made the access control in the composition of web services a complicated problem. In this paper, a new indepe...
متن کاملUser-Centric Adaptive Access Control and Resource Configuration for Ubiquitous Computing Environments
Provision of adaptive access control is key to allowing users harness the full potential of ubiquitous computing environments. In this paper, we introduce the M-Zones Access Control (MAC) process, which provides user-centric attribute-based access control, together with automatic reconfiguration of resources in response to the changes in the set of users physically present in the environment. U...
متن کاملDesign and Implementation of Conflict Detection System for Time-Based Firewall Policies
Firewalls are one of the most common mechanisms used to protect the network from unauthorized access and security threats. Nowadays, time-based firewall policies are widely in use in many firewalls such as CISCO ACLs and Linux iptables to control network traffic with respect to time. However, network administrators struggle to maintain the firewall policies due to their high complexity. A confl...
متن کاملAn automatic test case generator for evaluating implementation of access control policies
One of the main requirements for providing software security is the enforcement of access control policies which aim to protect resources of the system against unauthorized accesses. Any error in the implementation of such policies may lead to undesirable outcomes. For testing the implementation of access control policies, it is preferred to use automated methods which are faster and more relia...
متن کامل