Title

Description Logic Based Conflict Detection Methods for RB-RBAC Model

Author

Haibo Yu, Qi Xie, Haiyan Che

Citation

Vol. 6  No. 1  pp. 120~125

Abstract

RB-RBAC (Rule-Based RBAC) provides a mechanism to dynamically assign users to roles based on a finite set of authorization rules defined by the enterprise's security policy. The RB-RBAC family introduces negative authorization, represented by negative roles, which may introduce conflicts, so conflict detection and resolution become important tasks in RB-RBAC policy management. We propose a formalization of the RB-RBAC model in description logic and develop conflict detection methods based on description logic reasoning services. Conflicts can be detected once all authorization rules have been defined, and a revised detection method is also given to improve system efficiency when a new authorization rule is dynamically added to the system. These methods distinguish conflicts among related rules from conflicts among unrelated rules. We also demonstrate a simple method to resolve conflicts.

Keywords

RB-RBAC, Description Logic, Policy conflict, Conflict detection

URL

http://paper.ijcsns.org/07_book/200601/200601A18.pdf