An Optimal Conflict Resolution Strategy for Event-Driven Role Based Access Control Policies
Author
Basit Shaiq, Elisa Bertino, and Arif Ghafoor
Tech report number
CERIAS TR 2005-08
Abstract
Role based access control (RBAC) has generated great interest in the security community for its inherent richness and flexibility in modeling a wide range of access control policies. Any comprehensive access control model such as RBAC requires verification tools to support consistency analysis and identify possible policy conflicts. These conflicts, if remain undetected and unresolved, expose the underlying system to numerous vulnerabilities and security risks. In this paper, we propose a verification framework for detection and resolution of inconsistencies and conflicts in event-driven RBAC policies. The framework uses an integer programming based approach for optimal resolution of policy conflicts. The proposed approach is generic and can be tuned to a variety of optimality measures.
Publication Date
1900-01-01
Contents
Event-driven RBAC
Policy verification
Conflict resolution
Subject
Resolution of conflicts in event-driven RBAC policies