Inconsistency detection of authorization policies in distributed component environment

Authors:
Chang-Joo Moon;Hoh Peter In
Affiliations:
Center for Information Security Technologies (CIST), Korea University, Seoul, Korea;Department of Computer Science & Engineering, Korea University, Seoul, Korea
Venue:
WISA'04 Proceedings of the 5th international conference on Information Security Applications
Year:
2004

Citing 6
Cited 0

Role-Based Access Control Models

Computer
A framework for implementing role-based access control using CORBA security service

RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
Configuring role-based access control to enforce mandatory and discretionary access control policies

ACM Transactions on Information and System Security (TISSEC)
Role-based authorization constraints specification

ACM Transactions on Information and System Security (TISSEC)
Proposed NIST standard for role-based access control

ACM Transactions on Information and System Security (TISSEC)
Role-Based Access Control

Role-Based Access Control

Quantified Score

Hi-index	0.00

Visualization

Abstract

In distributed component environment, a Role-Based Access Control (RBAC) server manages all authorization policies of components in the same domains whereas the components are distributed to an application server on a network with their authorization policies. It is necessary to detect inconsistency between the authorization policies of the RBAC server and the distributed components to guarantee the authorization policy integrity while system configuration and policies are changing. In this paper, an inconsistency detection method between the two authorization policies is proposed. Conditions of guaranteeing consistency are investigated to detect the inconsistencies and validated in a case study.