Abstract

Specifying a security policy that includes both permissions and prohibitions, may lead to conflicts. This corresponds to a situation where a subject is both permitted and prohibited to perform a given action on a given object. We adopt a comparative approach to investigate this problem. We first investigate access control models based on rules, called Rule-BAC, and present weaknesses that arise when we try to manage conflicts in this model. In particular, Rule-BAC models fail to provide decidable solution to redundant rules and potential conflicts problems. Then, we show how a more structured model, say OR-BAC (Organization Based Access Control), gifted with inheritance mechanism make redundant rules and potential conflict problems tractable in polynomial time.

Full Text
Paper version not known

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Non-monotonocity in OrBAC through default and exception policy rules
Seyyed Ahmad Javadi ... Rasool Jalili
-
Seyyed Ahmad Javadi, et. al.Seyyed Ahmad Javadi ... Rasool Jalili
01 Sep 2012
Integrity-Organization Based Access Control for Critical Infrastructure Systems
Abdeljebar Ameziane El Hassani ... Anas Abou El Kalam
-
Abdeljebar Ameziane El Hassani, et. al.Abdeljebar Ameziane El Hassani ... Anas Abou El Kalam
01 Jan 2012
Integrity-OrBAC: a new model to preserve Critical Infrastructures integrity
Abdeljebar Ameziane El Hassani ... Adel Bouhoula
International Journal of Information Security | VOL. 14
Abdeljebar Ameziane El Hassani, et. al.Abdeljebar Ameziane El Hassani ... Adel Bouhoula
20 Aug 2014
Administration Model for Or-BAC
Frédéric Cuppens ... Alexandre Miège
-
Frédéric Cuppens, et. al.Frédéric Cuppens ... Alexandre Miège
01 Jan 2003
View more papers

More From: Electronic Notes in Theoretical Computer Science

Paper Title
Journal
Date
Author
Building a Maximal Independent Set for the Vertex-coloring Problem on Planar Graphs
Cristina López-Ramírez ... Guillermo De Ita Luna
Electronic Notes in Theoretical Computer Science | VOL. 354
Cristina López-Ramírez, et. al.Cristina López-Ramírez ... Guillermo De Ita Luna
24 Nov 2020
Preface
Pilar Pozos Parra ... J Raymundo Marcial-Romero
Electronic Notes in Theoretical Computer Science | VOL. 354
Pilar Pozos Parra, et. al.Pilar Pozos Parra ... J Raymundo Marcial-Romero
24 Nov 2020
Murphree's Numerical Term Logic Tableaux
J Martín Castro-Manzano
Electronic Notes in Theoretical Computer Science | VOL. 354
J Martín Castro-ManzanoJ Martín Castro-Manzano
24 Nov 2020
A Note on Constructive Interpolation for the Multi-Modal Logic Km
Everardo Bárcenas ... Alejandro Velázquez-Mena
Electronic Notes in Theoretical Computer Science | VOL. 354
Everardo Bárcenas, et. al.Everardo Bárcenas ... Alejandro Velázquez-Mena
24 Nov 2020
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.