Chao Huang,Jianling Sun,Xinyu Wang,Yuanjie Si

DOI: https://doi.org/10.1109/ebiss.2009.5138002

2009-01-01

Abstract:Access control becomes more and more essential for safe and security access to the system resources. Role based access control policy widely used in industry enterprise systems nowadays is a statement which specifies the rules about how to setup the process for granting or denying authorizations. It is extremely important to make sure that there is no inconsistency of an access control policy, since otherwise it may conceal the security danger or even break down the entire access control system. In this paper, we analyze the inconsistencies of role based access control policy, and give the formal definition for the inconsistency. We then propose an inconsistency checking algorithm to detect the inconsistencies of a role based access control policy.

Chisong Li,Hai Jin,Zhensong Liao

DOI: https://doi.org/10.3321/j.issn:1671-4512.2008.04.011

2008-01-01

Abstract:Policies inconsistency in automated trusted negotiation was studied. Conflict policies were classified into four types by feature: policy language conflicts, role exclusion ones, policy content ones and policy description ones. 0-1 table and the definition of classification were introduced to testify the consistency and validity of the access control policy. Policies are classed by access control feature and act as inputs of 0-1 table, the outputs of 0-1 table can disclose policy inconsistency and prove policy validity explicitly. While policy inconsistency problem is dealt with, the policy set for access control policy of minimum satisfaction is also given.

Mingjie Yu,Fenghua Li,Nenghai Yu,Xiao Wang,Yunchuan Guo

DOI: https://doi.org/10.1016/j.dcan.2022.09.002

IF: 6.348

2022-10-01

Digital Communications and Networks

Abstract:Policy conflicts may cause substantial economic losses. Although a large amount of effort has been spent on detecting intra-domain policy conflict, it can not detect conflicts of heterogeneous policies. In this paper, considering background knowledge, we propose a conflict detection mechanism to search and locate conflicts of heterogeneous policies. First, we propose a general access control model to describe authorization mechanisms of cloud service and a translation scheme designed to translate a cloud service policy to an Extensible Access Control Markup Language (XACML) policy. Then the scheme based on Multi-terminal Multi-data-type Interval Decision Diagram (MTMIDD) and Extended MTMIDD (X-MTMIDD) is designed to represent XACML policy and search the conflict among heterogeneous policies. To reduce the rate of false positives, the description logic is used to represent XACML policy and eliminate false conflicts. Experimental results show the efficiency of our scheme.

telecommunications

Chao Huang,Jianling Sun,Xinyu Wang,Yuanjie Si

DOI: https://doi.org/10.1109/ISBIM.2008.132

2009-01-01

Abstract:In large enterprise software systems, users often need to delegate their authority to others. Permission base delegation model (PBDM) based on RBAC96 currently is the most attractive model to fulfill the delegation requirement since it supports partly delegation and multiple steps delegation. However in PBDM there is no explicit specification of the separation of duty (SOD) constraint, which is one of the most important constraints and is essential to the security of the system. In this paper, we analyze the SOD constraint in PBDM delegation model and give the formal definition for the constraint. We prove that the constraint violation will not happen at the stage of the delegation role definition whereas it can only happen at the stage of role assignment. We then propose a protective mechanism to prevent the illegal role delegation utilizing the prerequisite conditions which are a set of Boolean expressions. We also give the algorithm to check the prerequisite conditions to help the security administrator guarantee the safe role delegation.

Hongyan Yao,Mingchu Li

2010-01-01

Abstract:Logic-based anthorization has been arisen in recent years and to reasonpolicy for getting authorization decision is of central position in it. Howeverthere may have a policy inconsistency problem dnring the process of policycombination if policy contains negative rules. This problem will make policydeduction time-consnming and authorization decision intractable. To solve thisproblem, the paper presents a logic-based approach for reasoning policy to getanthorization decision even though the policy is inconsistent. The approachadopts the operation of replacement and combination to adjust policy consistentat first, and then follows the result to reason policy for final decision. Thealgorithm for final decision runs in polynomial-time Omicron;(n2T/2).It is almost the same with Ο(Mn2T) in PolicyMaker TrustManagement System, but in which negative rules are excluded. ICIC International © 2010.

Carlos Ribeiro,Andre Zuquete,Paulo Ferreira,Paulo Guedes

DOI: https://doi.org/10.48550/arXiv.cs/0006045

2000-07-01

Abstract:With the advent of wide security platforms able to express simultaneously all the policies comprising an organization's global security policy, the problem of inconsistencies within security policies become harder and more relevant. We have defined a tool based on the CHR language which is able to detect several types of inconsistencies within and between security policies and other specifications, namely workflow specifications. Although the problem of security conflicts has been addressed by several authors, to our knowledge none has addressed the general problem of security inconsistencies, on its several definitions and target specifications.

Logic in Computer Science,Cryptography and Security

Fan Zhang,Ji Gao

2007-01-01

Abstract:Open distributed systems have provided a wonderful solution for enterprises to integrate their business systems, such as ERP and CRM. But the management of large-scale distributed system itself became the problem. To solve this problem, policy-driven mechanism is developed and it also acts as a core role in autonomic computing framework that announced by IBM. But many policy-driven solutions, such KAoS, Ponder and Rei, don't have enough ability of policy management, especially in the policy dynamic conflicts detection. This paper presents a policy-driven model and conflict detection method that is suitable in dynamic and static environment.

Li Jing

Abstract:Through policy-based network security management research,this paper analyzed the existing network secu-rity policy conflict detection and resolution method shortcomings.Based on policy refinement of ideas and security policy conflicts classification technology,policy-based network management security-level model was established,with exten-ded XACML language description.According to the relationship between policy behavior,using knowledge reasoning,dynamic layered security corresponding level of policy refinement consistency automatic detection and timely conflict resolution were made,letting it has a good reusability and scalability,and is conducive to the improvement of manage-ment efficiency.Policy-based access control refinement application implementation was verified.Finally,some of the fu-ture research directions were discussed.

Computer Science

Chao Huang,Jianling Sun,Xinyu Wang,Di Wu

DOI: https://doi.org/10.1587/transinf.e93.d.1070

2010-01-01

IEICE Transactions on Information and Systems

Abstract:In this paper, we propose an inconsistency resolution method based on a new concept, insecure backtracking role,napping. By analyzing the role graph, we prove that the root cause of security inconsistency in distributed interoperation is the existence of insecure backtracking role mapping. We propose a novel and efficient algorithm to detect the inconsistency via finding all of the insecure backtracking role mappings. Our detection algorithm will not only report the existence of inconsistency, but also generate the inconsistency information for the resolution. We reduce the inconsistency resolution problem to the known Minimum-Cut problem, and based on the results generated by our detection algorithm we propose an inconsistency resolution algorithm which could guarantee the security of distributed interoperation. We demonstrate the effectiveness of our approach through simulated tests and a case study.

Peng Liu,Jian-bin Hu,Zhong Chen

DOI: https://doi.org/10.1109/WI.2005.2

2005-01-01

Abstract:Although several access control policies have been proposed for securing access to resources, they focused on security of distributed environments that were rather static. Nowadays distributed environment becomes open and dynamic. In this paper, we propose a formal language for access control policies in open and dynamic environment. The language is based on description logic program and generalized courteous logic program supporting classical negation, prioritized conflict handling and mutual exclusion constraints. The language allows the specification of positive and negative authorization, privilege delegation and revocation, prioritized conflict resolution and mutual authorization exclusions.

Chen-hua Ma,Guo-dong Lu,Jiong Qiu

DOI: https://doi.org/10.1631/jzus.a0820366

2009-01-01

Journal of Zhejiang University SCIENCE A

Abstract:The specification of authorization policies in access control models proposed so far cannot satisfy the requirements in workflow management systems (WFMSs). Furthermore, existing approaches have not provided effective conflict detection and resolution methods to maintain the consistency of authorization polices in WFMSs. To address these concerns, we propose the definition of authorization policies in which context constraints are considered and the complicated requirements in WFMSs can be satisfied. Based on the definition, we put forward static and dynamic conflict detection methods for authorization policies. By defining two new concepts, the precedence establishment rule and the conflict resolution policy, we provide a flexible approach to resolving conflicts.

Junshun Hu,Xiaoyan Liang,Yang Bo,Chunhe Xia

DOI: https://doi.org/10.1109/wict.2012.6409230

2012-01-01

Abstract:Computer Network Defense Policy is the rules of computer network and security devices. In order to achieve specific security objectives, the network need to choose the defensive measures under certain conditions. In order to generate the measures implemented by the device, it usually requires manual or automated translation from high-level network defense policy. In the translation process, due to the presence of semantic loss, man-made understanding mistakes, device machinery, etc., the high-level policy requirements cannot be completely satisfied. This will result in hiding network security risks or vulnerabilities. Through analysis of the consistency between high-level policy and low-level measures, and pointing out the lack and redundancy between the policy and measures, it can guide the further translation of policy on the device. This paper presents a novel formal and automated method to verify the consistency. When errors are detected, we will point out the location of the misconfiguration. The same time, based on SMT solving tools, it has been implemented in a prototype of consistency verifier. Experiments demonstrate that this tool is able to check the consistency and have good scalability and efficiency.

Nguyen Minh Hoang,Ha Xuan Son

DOI: https://doi.org/10.1145/3309074.3309097

2019-01-01

Abstract:Access control is a security technique that specifies access rights to resources in a cloud computing environment. As information in cloud systems nowadays become more complex, it plays an important role in authenticating and authorizing users and preventing an attacker from targeting sensitive information. However, in recent years, with the popularity of the Internet as social network, IoTs which deploy in cloud platforms for sharing data in real-time, more and more challenges have been exposed. For example, the access control mechanism must be able to guarantee fine-grained access control, privacy protection, conflicts and redundancies handle between rules of the same policy or between different policies. In this paper, we proposed an access control model based on attribute that incorporates a policy model based on the combining algorithm and prioritization of functions to resolve conflicts at a fine-grained level called "Dynamic model for fine-grained policy conflict resolution". Experiments are carried out to illustrate the relationship between the processing time for the traditional approach (single policy, multi-policy without priority) and our approach (multi-policy with priority). Experimental results show that the evaluation performance satisfies the privacy requirements defined by the user.

Kedian Mu,Weiru Liu,Zhi Jin

DOI: https://doi.org/10.1007/978-3-642-25975-3_4

2011-01-01

Abstract:Inconsistency has been considered as one of the main classes of defects in software requirements specification. Various logic-based techniques have been proposed to manage inconsistencies in requirements engineering. However, identifying an appropriate proposal for resolving inconsistencies in software requirements is still a challenging problem. In this paper, we propose a logic-based approach to generating appropriate proposals for handling inconsistency in software requirements. Informally speaking, given an inconsistent requirements specification, we identify which requirements should be given priority to be changed for resolving the inconsistency in that specification, by balancing the blame of each requirement for the inconsistency against its value for that requirements specification. We follow the viewpoint that minimal inconsistent subsets of a set of formulas are the purest forms of inconsistencies in that set. According to this viewpoint, a potential proposal for resolving inconsistencies can be described by a possible combination of some requirements to be changed that can eliminate minimal inconsistent subsets. Then we propose a method of evaluating the degree of disputability of each requirement involved in the inconsistency in a requirements specification. Finally, we provide an algorithm of generating appropriate proposals for resolving the inconsistency in a requirements specification based on the degree of disputability of requirements.

JeeHyun Hwang,Tao Xie,Vincent C. Hu

DOI: https://doi.org/10.1109/SSIRI.2009.63

2009-01-01

Abstract:Access control mechanisms control which subjects (such as users or processes) have access to which resources. To facilitate managing access control, policy authors increasingly write access control policies in XACML. Access control policies written in XACML could be amenable to multiple-duty-related security leakage, which grants unauthorized access to a user when the user takes multiple duties (e.g., multiple roles in role-based access control policies). To help policy authors detect multiple-duty-related security leakage, we develop a novel framework that analyzes policies and detects cases that potentially cause the leakage. In such cases, a user taking multiple roles (e.g., both r1 and r2) is given a different access decision from the decision given to a user taking an individual role (e.g., r1 and r2, respectively). We conduct experiments on 11 XACML policies and our empirical results show that our framework effectively pinpoints potential multiple-duty-related security leakage for policy authors to inspect.

Ke-dian MU,Zhi JIN

DOI: https://doi.org/10.3778/j.issn.1673-9418.2007.01.004

2007-01-01

Abstract:The main contribution of the paper is to provide an approach to evaluating proposals for handling inconsistency in requirements. In a given scenario,for each proposal of inconsistency handling,the expected responses of the system-to-be that can be derived from a modied requirements specication are concerned with,which results from performing the proposal.The relative importance of these expected responses in the scenario may be viewed as an abstraction of suitability of the proposal. From this sense,utility vector function to measure the degree of suitability of each proposal is presented.Then compare two proposals using their utility vector function values. It gives an intuitive ordering relationship over these proposals that can be described as "more appropriate than".These techniques provide a basis for choice of inconsistency handling proposals in requirements engineering.

HU Zhao-wei,YU Wan-jun,YANG Bo

DOI: https://doi.org/10.3969/j.issn.1001-3695.2008.01.070

2008-01-01

Abstract:This paper investigated the safety property of UCON.First the safety problem in general UCONA models undeci￣dable,then showed the UCONA model with finite attribute domains and without creating policies to be decidable.At last,by relaxing the creation restriction,showed the safety problem of UCONA model with acyclic attribute creation graph and no cycles that included create-parent tuple in attribute update graph to be decidable.

Hua Wang,Jing Ying

DOI: https://doi.org/10.1109/icmlc.2007.4370543

2007-01-01

Abstract:A recent approach to monitor and adapt system behavior at runtime is to decouple one or more external modules and self-adaptive mechanism from the target system. An important challenge arises when more than one such self-adaptive module is employed: how can we ensure that they cooperate without conflicts in a coherent fashion? This paper describes our initial approach for harmonizing conflicting policies in the presence of multiple self-adaptive modules. The main distribution of the paper is to resolve conflicts using an extended ECA rule paradigm to coordinate self-adaptive actions among multiple external modules. The approach shares advantages with other policy languages, i.e., the declarative and domain-independent semantics of policy rules. However, a key benefit of our approach is that both conflicting actions and influence of actions are considered. We focus on the problem of harmonizing self-adaptation capability by detecting and further resolving policy conflicts using action-level meta rule and value-level meta rule. Finally, this paper illustrates the efficiency of the approach in a VOD system as a case study, and discusses our future plans.

Chenghua Tang,Shunzheng Yu

DOI: https://doi.org/10.1109/NPC.2008.41

2008-01-01

Abstract:Using high-level security policy rules to regulate low-level system, the security management system with a high level of expansibility and flexibility was made. For purpose of managing network security policy duly and flexibly in the complex network environment, and resolving its issue efficiency, a dynamic and self-adaptive security policy realization mechanism is proposed. The accident monitor and policy life-cycle are put forward, and the impact of safety equipment or user requests, such as system resources found on the flow control can be calculated automatically. The system can independently carry out a dynamic, flexible and real-time to adjust and control in the network environment and security needs change. The distribution model is given to response policy request rapidly, take the appropriate policy dissemination methods, and reduce PDP computing tasks, system resource consumption, which introduces the concepts of issue affecting factors, security domain addresses allocation, etc. Expression and making ways of the structure-dissimilarity policy faced on attribute characters and operation are analyzed emphatically. The effectiveness of the proposed model and algorithms is proved by experiments.

Nan Sang,Xinyong Wu,GuangZe Xiong

2004-01-01

Journal of Information and Computational Science

Abstract:Resolution of integration of multi security policies plays an important role in secure-critical computer systems which support multi security policies. In this paper, a security state transition model is built by means of formal method, the different effects resulting from security-depended actions of different policies on security states is analyzed and a new approach to solve the integration and consistency of multi-policies is presented.