Modality conflict analysis in XACML policy evaluation
Modality conflict is one of the main issues in policy evaluation. Modality conflict arises when two or more policies that refer to the same subject, action, and resource but with modalities of opposite sign. Authorizations could be propagated according to the inheritance relationships between concep...
محفوظ في:
| المؤلفون الرئيسيون: | , , , |
|---|---|
| التنسيق: | Conference or Workshop Item |
| اللغة: | English |
| منشور في: |
School of Computing, UUM College of Arts and Sciences
2017
|
| الوصول للمادة أونلاين: | http://psasir.upm.edu.my/id/eprint/64451/1/PID46-708-713e.pdf http://psasir.upm.edu.my/id/eprint/64451/ |
| الوسوم: |
إضافة وسم
لا توجد وسوم, كن أول من يضع وسما على هذه التسجيلة!
|
| الملخص: | Modality conflict is one of the main issues in policy evaluation. Modality conflict arises when two or more policies that refer to the same subject, action, and resource but with modalities of opposite sign. Authorizations could be propagated according to the inheritance relationships between concepts not only based on subject, resource, and action, but also condition. Identifying the applicable policies and detecting the modality conflict when temporal and spatial constraints are specified in the policies have not received enough attention. Hence, in this paper an authorization propagation rule is proposed to identify the applicable policies during policy evaluation, which relies on inheritance relationships between concepts, on the basis of the partially ordered structures obtained by classifying subject, resource, action, and condition attributes. An effective authorization propagation rule can detect most of the modality conflicts that occur among the applicable policies. |
|---|