Modality conflict analysis in XACML policy evaluation

Modality conflict is one of the main issues in policy evaluation. Modality conflict arises when two or more policies that refer to the same subject, action, and resource but with modalities of opposite sign. Authorizations could be propagated according to the inheritance relationships between concep...

全面介紹

Saved in:
書目詳細資料
Main Authors: Teo, Poh Kuang, Ibrahim, Hamidah, Sidi, Fatimah, Udzir, Nur Izura
格式: Conference or Workshop Item
語言:English
出版: School of Computing, UUM College of Arts and Sciences 2017
在線閱讀:http://psasir.upm.edu.my/id/eprint/64451/1/PID46-708-713e.pdf
http://psasir.upm.edu.my/id/eprint/64451/
標簽: 添加標簽
沒有標簽, 成為第一個標記此記錄!
實物特徵
總結:Modality conflict is one of the main issues in policy evaluation. Modality conflict arises when two or more policies that refer to the same subject, action, and resource but with modalities of opposite sign. Authorizations could be propagated according to the inheritance relationships between concepts not only based on subject, resource, and action, but also condition. Identifying the applicable policies and detecting the modality conflict when temporal and spatial constraints are specified in the policies have not received enough attention. Hence, in this paper an authorization propagation rule is proposed to identify the applicable policies during policy evaluation, which relies on inheritance relationships between concepts, on the basis of the partially ordered structures obtained by classifying subject, resource, action, and condition attributes. An effective authorization propagation rule can detect most of the modality conflicts that occur among the applicable policies.