An algebra for composing access control policies
ACM Transactions on Information and System Security (TISSEC)
A uniform framework for regulating service access and information release on the web
Journal of Computer Security
Certificate-based authorization policy in a PKI environment
ACM Transactions on Information and System Security (TISSEC)
Consolidating the access control of composite applications and workflows
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
Hi-index | 0.00 |
Attribute-based access control (ABAC) policies are effective and flexible in governing the access to information and resources in open distributed computing environments. However, ABAC policy rules are often complex making them prone to conflicts. This paper proposes an optimized method to detect the conflicts between statistically conflicting rules in an ABAC policy. This method includes two optimization techniques: rule reduction and binary-search. The first technique reduces the rules into a set of compact, semantically equivalent rules through removing redundant information among the rules. The binary-search technique is then applied to discover the conflicts among them.