EXAM: a comprehensive environment for the analysis of access control policies |
| |
Authors: | Dan Lin Prathima Rao Elisa Bertino Ninghui Li Jorge Lobo |
| |
Affiliation: | 1. Missouri University of Science & Technology, Rolla, MO, USA 2. Purdue University, West Lafayette, IN, USA 3. IBM T.J. Watson Research Center, Yorktown, NY, USA
|
| |
Abstract: | Policy integration and inter-operation is often a crucial requirement when parties with different access control policies
need to participate in collaborative applications and coalitions. Such requirement is even more difficult to address for dynamic
large-scale collaborations, in which the number of access control policies to analyze and compare can be quite large. An important
step in policy integration and inter-operation is to analyze the similarity of policies. Policy similarity can sometimes also
be a pre-condition for establishing a collaboration, in that a party may enter a collaboration with another party only if
the policies enforced by the other party match or are very close to its own policies. Existing approaches to the problem of
analyzing and comparing access control policies are very limited, in that they only deal with some special cases. By recognizing
that a suitable approach to the policy analysis and comparison requires combining different approaches, we propose in this
paper a comprehensive environment—EXAM. The environment supports various types of analysis query, which we categorize in the
paper. A key component of such environment, on which we focus in the paper, is the policy analyzer able to perform several
types of analysis. Specifically, our policy analyzer combines the advantages of existing MTBDD-based and SAT-solver-based
techniques. Our experimental results, also reported in the paper, demonstrate the efficiency of our analyzer. |
| |
Keywords: | |
本文献已被 SpringerLink 等数据库收录! |
|