Action(?pA, ?aA) has_Action(?pB, ?aB) has_Action_Overlap(?aA, ?aB) → has_Permission_Overlap(?pA, ?pB)
11) has_PermitA(?poA, ?pA) has_DenyB(?poB, ?pB) has_Permission_Overlap(?pA, ?pB) → has_Policy_Conflict(?poA, ?poB)
12) has_PermitA(?poA, ?pA) has_DenyB(?poB, ?pB) has_Permission_Overlap(?pA, ?pB) → has_Policy_Conflict(?poB, ?poA)
13) has_PermitB(?poA, ?pA) has_DenyA(?poB, ?pB) has_Permission_Overlap(?pA, ?pB) → has_Policy_Conflict(?poA, ?poB)
14) has_PermitB(?poA, ?pA) has_DenyA(?poB, ?pB) has_Permission_Overlap(?pA, ?pB) → has_Policy_Conflict(?poB, ?poA)
Here, 1)-6) describe the conditions for the overlap relationship, which covers subject overlap and object overlap: 1)-3) represent reflexivity of the overlap relationship, 4) represents transitivity, and 6) represents symmetry. 7)-9) represent the overlap relationships between subjects, between objects and between actions respectively. 10) derives permission overlap from an overlapping subject, object and action. 11)-14) represent conflict: a permit rule and a deny rule whose permissions overlap are in conflict, and the conflict is recorded in both orders.
The detection reports for "conflict-related rules" are produced by querying all instances that satisfy the "conflict-related rule" conditions. The queries are written in nRQL, the query language of the Racer reasoner.
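As an added illustration (this is not the paper's Racer/nRQL tool; the rule names, roles, objects and actions below are constructed for the example), the following Python reimplements the overlap closure of rules 1)-6), the permission overlap of rule 10) and the permit/deny conflict of rules 11)-14) as plain forward chaining over a small XACML-like rule set:

```python
from dataclasses import dataclass
from itertools import product


@dataclass(frozen=True)
class Permission:
    """A (subject, object, action) triple: the ?pA / ?pB of the rules above."""
    subject: str
    obj: str
    action: str


@dataclass(frozen=True)
class Rule:
    """One XACML rule: a name, an Effect (Permit or Deny) and its permission."""
    name: str
    effect: str
    perm: Permission


def closure(base_pairs, universe):
    """Reflexive, symmetric, transitive closure of a base overlap relation,
    i.e. rules 1)-3) (reflexivity), 4) (transitivity) and 6) (symmetry)."""
    rel = {(x, x) for x in universe}
    rel |= set(base_pairs)
    rel |= {(b, a) for a, b in base_pairs}
    changed = True
    while changed:  # iterate to a fixpoint, as a forward-chaining reasoner would
        changed = False
        for (a, b), (c, d) in product(list(rel), repeat=2):
            if b == c and (a, d) not in rel:
                rel.add((a, d))
                changed = True
    return rel


def detect_conflicts(rules, subject_overlap, object_overlap, action_overlap):
    """Return the sorted list of (rule, rule) name pairs for which rules 11)-14)
    derive has_Policy_Conflict: a Permit and a Deny whose permissions overlap
    under rule 10) (overlapping subject, object and action)."""
    subj = closure(subject_overlap, {r.perm.subject for r in rules})
    objs = closure(object_overlap, {r.perm.obj for r in rules})
    acts = closure(action_overlap, {r.perm.action for r in rules})

    def perm_overlap(pa, pb):  # rule 10)
        return ((pa.subject, pb.subject) in subj
                and (pa.obj, pb.obj) in objs
                and (pa.action, pb.action) in acts)

    conflicts = set()
    for ra, rb in product(rules, repeat=2):
        # rules 11)-14) fire in both directions, so keep an unordered pair
        if ra.effect == "Permit" and rb.effect == "Deny" and perm_overlap(ra.perm, rb.perm):
            conflicts.add(tuple(sorted((ra.name, rb.name))))
    return sorted(conflicts)


def report(conflicts):
    """Render conflicts in the wording the tool's output uses."""
    return [f"{a} and {b} have conflict" for a, b in conflicts]


# Constructed sample policy (not the paper's policy): rule names, roles,
# objects and actions are made up for this example.
RULES = [
    Rule("rule0", "Permit", Permission("employee", "payroll_db", "read")),
    Rule("rule1", "Deny", Permission("contractor", "payroll_db", "read")),
    Rule("rule2", "Permit", Permission("manager", "hr_records", "write")),
    Rule("rule3", "Deny", Permission("manager", "hr_records", "update")),
    Rule("rule4", "Permit", Permission("auditor", "audit_log", "read")),
    Rule("rule5", "Permit", Permission("contractor", "payroll_db", "read")),
    Rule("rule6", "Deny", Permission("staff", "payroll_db", "read")),
]
# Assumed base overlap facts (e.g. from a role or action hierarchy);
# the closure supplies reflexive, symmetric and transitive pairs.
SUBJECT_OVERLAP = [("contractor", "employee"), ("employee", "staff")]
OBJECT_OVERLAP = []
ACTION_OVERLAP = [("write", "update")]

if __name__ == "__main__":
    for line in report(detect_conflicts(RULES, SUBJECT_OVERLAP, OBJECT_OVERLAP, ACTION_OVERLAP)):
        print(line)
```

Note what is and is not reported: rule0 and rule5 overlap completely but are both Permit, so they are redundant rather than conflicting and no conflict is derived; rule5 and rule6 are flagged only because rule 4) makes overlap transitive (contractor overlaps employee, employee overlaps staff). Overlap of sets is not transitive in general, so rule 4) can also flag pairs whose subjects share no member; such reports are worth a manual check before a policy is changed.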
5 Experiments
In this section we evaluate the correctness and effectiveness of our conflict-related rule detection tool. We use the policy of an information system to evaluate correctness, and compare the response times of our tool and the CPN-based tool to evaluate effectiveness.
The experimental environment is: CPU 2.93 GHz; memory 4.00 GB of RAM; operating system Windows XP; reasoning engine RacerPro 1.9.2 beta.
5.1 Correctness Analysis
We use the access control policy shown in the introduction, written in XACML, as input; the output is shown in Table 1.
Running the tool to detect "conflict-related rules" in this policy, the result is obtained after 1.4 seconds.
As Table 1 shows, the "conflict-related rules" detected by the tool fall into three types: rules of opposite actions, subject overlap rules, and object overlap rules.
Table 1. The result of the tool

Output type                Output content
rule of opposite actions   "rule 1 and rule 3 have conflict"
subject overlap rule       "subject overlap rule is: rule 0"
object overlap rule        "object overlap rule is: rule 5"