Conflicts in Policy-Based Distributed Systems Management
IEEE Transactions on Software Engineering
The role-based access control system of a European bank: a case study and discussion
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
On the specification and evolution of access control policies
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Using Schema Matching to Simplify Heterogeneous Data Translation
VLDB '98 Proceedings of the 24rd International Conference on Very Large Data Bases
Methods for identifying versioned and plagiarized documents
Journal of the American Society for Information Science and Technology
A survey of approaches to automatic schema matching
The VLDB Journal — The International Journal on Very Large Data Bases
Static verification of security requirements in role based CSCW systems
Proceedings of the eighth ACM symposium on Access control models and technologies
Similarity Flooding: A Versatile Graph Matching Algorithm and Its Application to Schema Matching
ICDE '02 Proceedings of the 18th International Conference on Data Engineering
Efficient comparison of enterprise privacy policies
Proceedings of the 2004 ACM symposium on Applied computing
Verification and change-impact analysis of access-control policies
Proceedings of the 27th international conference on Software engineering
POLICY '05 Proceedings of the Sixth IEEE International Workshop on Policies for Distributed Systems and Networks
Similarity measures for tracking information flow
Proceedings of the 14th ACM international conference on Information and knowledge management
XACML policy integration algorithms: not to be confused with XACML policy combination algorithms!
Proceedings of the eleventh ACM symposium on Access control models and technologies
Evaluating access control policies through model checking
ISC'05 Proceedings of the 8th international conference on Information Security
The policy continuum-Policy authoring and conflict analysis
Computer Communications
Performance evaluation of XACML PDP implementations
Proceedings of the 2008 ACM workshop on Secure web services
DPMF: A policy management framework for heterogeneous authorization systems in grid environments
Multiagent and Grid Systems - Content management and delivery through P2P-based content networks
Assured information sharing: concepts and issues
Proceedings of the 2nd international conference on Security of information and networks
Data protection models for service provisioning in the cloud
Proceedings of the 15th ACM symposium on Access control models and technologies
Strong and weak policy relations
POLICY'09 Proceedings of the 10th IEEE international conference on Policies for distributed systems and networks
POLICY'09 Proceedings of the 10th IEEE international conference on Policies for distributed systems and networks
Statistics & clustering based framework for efficient XACML policy evaluation
POLICY'09 Proceedings of the 10th IEEE international conference on Policies for distributed systems and networks
Analysis of privacy and security policies
IBM Journal of Research and Development
Privacy-preserving similarity measurement for access control policies
Proceedings of the 6th ACM workshop on Digital identity management
Access Control for Databases: Concepts and Systems
Foundations and Trends in Databases
Towards coequal authorization for dynamic collaboration
AMT'11 Proceedings of the 7th international conference on Active media technology
Proceedings of the 17th ACM symposium on Access Control Models and Technologies
| Hi-index | 0.00 |
Recent collaborative applications and enterprises very often need to efficiently integrate their access control policies. An important step in policy integration is to analyze the similarity of policies. Existing approaches to policy similarity analysis are mainly based on logical reasoning and boolean function comparison. Such approaches are computationally expensive and do not scale well for large heterogeneous distributed environments (like Grid computing systems). In this paper, we propose a policy similarity measure as a filter phase for policy similarity analysis. This measure provides a lightweight approach to pre-compile a large amount of policies and only return the most similar policies for further evaluation. In the paper we formally define the measure, by taking into account both the case of categorical attributes and numeric attributes. Detailed algorithms are presented for the similarly computation. Results of our case study demonstrates the efficiency and practical value of our approach.