Information Technology Reference
In-Depth Information
effectiveness of the tool in experiment with a policy of information system. The results
of the correctness experiment showed the tool detected all the conflict-related rules for
access control policy, which makes our tool can help security administrator understand
the information of the conflict situation more comprehensively. And the results of the
effectiveness experiment showed that our tool's response performance is better than
VPN tools.
Our future work would pay attention to extend this tool to situations may have other
types of conflict like SoD to detect the conflict-related rules.
Acknowledgment.
We would like to express gratitude to associate Mr. Yang Bo, Chao
Yuan, Junshun Hu, and Ms. Xue Qiu for many helpful discussions.
References
1.
Sandhu, R., Ferraiolo, D.F., Kuhn, D.R.: The NIST Model for Role Based Access Control:
Toward a Unified Standard. In: 5th ACM Workshop on Role Based Access Control,
pp. 47-63. ACM Press (2000)
2.
Doconta, M.C.: A guide to the future of xml, web services, and knowledge management.
China Science and Technology Press, Beijing (2009)
3.
Lupu, E.C., Sloman, M.: Conflicts in policy-based distributed systems management. IEEE
Transactions on Software Engineering 25(6), 852-869 (1999)
4.
Heilili, N., Chen, Y., et al.: An OWL-based approach for RBAC with negative authoriza-
tion. Knowledge Science, Engineering and Management 4092, 164-175 (2006)
5.
Lu, J., Li, R., Varadharajan, V., Lu, Z., Ma, X.: Secure Interoperation in Multi-domain
Environments Employing UCON Policies. In: Samarati, P., Yung, M., Martinelli, F., Ar-
dagna, C.A. (eds.) ISC 2009. LNCS, vol. 5735, pp. 395-402. Springer, Heidelberg (2009)
6.
Moon, C.-J., Paik, W., Kim, Y.-G., Kwon, J.-H.: The conflict detection between permis-
sion assignment constraints in role-based access control. In: Feng, D., Lin, D., Yung, M.
(eds.) CISC 2005. LNCS, vol. 3822, pp. 265-278. Springer, Heidelberg (2005)
7.
Shafiq, B., Joshi, J.B.D., Bertino, E., Ghafoor, A.: Secure interoperation in a multi-domain
environment employing RBAC policies. IEEE Transactions on Knowledge and Data En-
gineering 17(11), 1557-1577 (2005)
8.
Ni, Q.: Privacy-aware role-based access control. ACM Transactions on Information and
System Security (TISSEC) 13(3), 1-31 (2010)
9.
Huang, F., Huang, Z., Liu, L.: A DL-based method for access control policy conflict de-
tecting. In: Internetware 2009, pp. 1-5. ACM, USA (2009)
10.
Mohan, A., Blough, D.M.: Detection of Conflicts and Inconsistencies in Taxonomy-based
Authorization Policies. In: 2011 IEEE International Conference on Bioinformatics and
Biomedicine, GA, Atlanta, pp. 590-594.
11.
Mansor, A.A., et al.: Policy-based approach to detect and resolve policy conflict for static
and dynamic architecture. Journal of Theoretical and Applied Information Technolo-
gy 37(2), 268-278 (2012)
12.
Radi, A., et al.: On the three levels security policy comparison between SVM and decision
trees. Journal of Theoretical and Applied Information Technology 35(1), 56-68 (2012)
13.
Huang, H., Kirchner, H.: Formal specification and verification of modular security policy
based on colored petri nets. IEEE Transactions on Dependable and Secure Compu-
ting 8(6), 852-865 (2011)
