首页    期刊浏览 2024年12月02日 星期一
登录注册

文章基本信息

  • 标题:Access Control Policy Analysis Using Free Variable Tableaux
  • 本地全文:下载
  • 作者:Hiroaki Kamoda ; Masaki Yamaoka ; Shigeyuki Matsuda
  • 期刊名称:Information and Media Technologies
  • 电子版ISSN:1881-0896
  • 出版年度:2006
  • 卷号:1
  • 期号:2
  • 页码:1155-1169
  • DOI:10.11185/imt.1.1155
  • 出版社:Information and Media Technologies Editorial Board
  • 摘要:The specification of access control policies for large, multi-organization applications is difficult and error-prone. Sophisticated policies are needed for fine-grained control of access to large numbers of entities, resulting in many policies specified by different security administrators. Techniques such as role based access control (RBAC) have been proposed to group policies and provide a framework for inheriting policies based on role hierarchies. RBAC does not prevent inconsistencies and conflicts arising in the policy specifications, though, which can lead to information leaks or prevent required access. This paper proposes an approach using free variable tableaux to detect conflicts and redundant policies resulting from the combination of various types of authorization and constraint policies. This approach uses static analysis to enable complete detection of modality and static constraint policy conflicts.
国家哲学社会科学文献中心版权所有