Information Technology Reference
In-Depth Information
3.3
Conflict-Related Rules
Conflict.
Definition 7 Conflict in Access Control Policy:
The conflict discussed in AC policy
is that two rules with the same subjects and objects but have opposite actions.
From the characteristic “with the same subjects and objects have opposite actions” in
Definition 7, we know that two access control rules of conflict are all statements con-
sisting of “subject expression”, “object expression”, “action expression” and “permis-
sion expression”, and in the semantics they expressed, the actions are from the same
type but opposite.
Theorem 1 The Necessary and Sufficient Condition of Conflict in Access Control
Policy:
For
ξ
=
subj
,
11
obje
,
ξ
=
obje
,
subj
, the necessary and sufficient condition
2
2
1
2
for conflict of
ξ
and
ξ
is:
2
(1) condition 1
SUBJECT
∃∈
x
that:
m
n
(
)
(
)
x subj
,
∈
ξ
∧
x subj
,
∈
ξ
;
m n
,
≥
0;
m n
,
∈
N
;
1
INHERIT
2
INHERIT
(2) condition 2
∃∈
y
OBJECT
that:
(
)
j
(
)
k
obje
,
y
∈
ξ
∧
obje
,
y
∈
ξ
;
j k
,
≥
0;
j k
,
∈
N
;
1
CONTAIN
2
CONTAIN
Proof:
•
the Proof of Sufficient Condition
m
(
)
'
x subj
,
∈
ξ
,axiom 1
x subj
,
∈
ξ
ξ
=
subj
,
obje
axiom 2
1
INHERIT
1
INHERIT
1
1
1
,
'
x subj
,
∈
ξ
xobje
,
1
INHERIT
1
)
k
(
xobje
,
,
obje y
,
∈
ξ
,axio
3
1
1
CONTAIN
xy
,
Thus,
xy
was deduced .
)
m
(
'
x subj
,
∈
ξ
,axiom1
x subj
,
∈
ξ
ξ
=
obje
,
subj
axiom 2
2
INHERIT
2
INHERIT
2
2
2
,
'
xsubj
,
∈
ξ
obje
,
x
2
INHERIT
2
)
k
(
obje
,,
x
obje
,
y
∈
ξ
x om3
2
2
CONTAIN
yx
,
Thus,
yx
was deduced.
Therefore, for x and y, conflict happens since
xy
and
yx
can both be de-
duced at the same time, so the sufficient condition is proved.