The entity-relationship model—toward a unified view of data
ACM Transactions on Database Systems (TODS) - Special issue: papers from the international conference on very large data bases: September 22–24, 1975, Framingham, MA
Identifying approximately common substructures in trees based on a restricted edit distance
Information Sciences: an International Journal
A graph-based formalism for RBAC
ACM Transactions on Information and System Security (TISSEC)
Methods and Limitations of Security Policy Reconciliation
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Catalog Integration for Electronic Commerce through Category-Hierarchy Merging Technique
RIDE '02 Proceedings of the 12th International Workshop on Research Issues in Data Engineering: Engineering E-Commerce/E-Business Systems (RIDE'02)
Administrative scope in the graph-based framework
Proceedings of the ninth ACM symposium on Access control models and technologies
Security Policy Reconciliation in Distributed Computing Environments
POLICY '04 Proceedings of the Fifth IEEE International Workshop on Policies for Distributed Systems and Networks
Ontology-based concept similarity in Formal Concept Analysis
Information Sciences: an International Journal
Unauthorized inferences in semistructured databases
Information Sciences: an International Journal
HOTSEC'08 Proceedings of the 3rd conference on Hot topics in security
A Consensus-Based Integration Method for Security Rules
KES '09 Proceedings of the 13th International Conference on Knowledge-Based and Intelligent Information and Engineering Systems: Part I
Flexible secure inter-domain interoperability through attribute conversion
Information Sciences: an International Journal
Supporting velocity of investigation with behavior analysis of malware
Proceedings of the Seventh Annual Workshop on Cyber Security and Information Intelligence Research
Hi-index | 0.07 |
Computer security policies specify conditions for permissions to access various computer resources and information. Merging two security policies is needed when two organizations, together with their computer systems, merge into one entity as in corporate business acquisition. We propose a graph-theoretic method for merging the role/object hierarchies of two security policies. The formulation of merged hierachies is based on the graph minor relation in graph theory. Ideally, the merged role hierarchy should contain both the participating role hierarchies as graph minors, and similarly for the object hierarchy. We show that one can decide in polynomial time whether this ideal case is possible when the participating hierarchies are trees. We also show that in case the merged hierarchy exists, it can be constructed in polynomial time. Algorithms for detecting the feasibility of an ideal merged tree and for constructing the merged tree are presented. Our hierarchy/tree merge method is also applicable to the integration of heterogeneous databases with generalization hierarchies.