Inconsistency detection method for access control policies

Shaikh, Riaz Ahmed, Adi, Kamel, Logrippo, Luigi and Mankovski, Serge (2010) Inconsistency detection method for access control policies. In: 2010 6th International Conference on Information Assurance and Security, IAS 2010. 2010 6th International Conference on Information Assurance and Security, IAS 2010 . UNSPECIFIED, USA, pp. 204-209. ISBN 9781424474080

Full text not available from this repository. (Request a copy)

Abstract

In enterprise environments, the task of assigning access control rights to subjects for resources is not trivial. Because of their complexity, distribution and size, access control policies can contain anomalies such as inconsistencies, which can result in security vulnerabilities. A set of access control policies is inconsistent when, for specific situations different incompatible policies can apply. Many researchers have tried to address the problem of inconsistency using methods based on formal logic. However, this approach is difficult to implement and inefficient for large policy sets. Therefore, in this paper, we propose a simple, efficient and practical solution for detecting inconsistencies in access control policies with the help of a modified C4.5 data classification algorithm.

Item Type: Book Section
Uncontrolled Keywords: access control,data classification,decision tree,inconsistency,policy validation,information systems ,/dk/atira/pure/subjectarea/asjc/1700/1710
Faculty \ School: Faculty of Science > School of Computing Sciences
Related URLs:
Depositing User: LivePure Connector
Date Deposited: 16 Aug 2022 15:31
Last Modified: 25 Sep 2022 00:06
URI: https://ueaeprints.uea.ac.uk/id/eprint/87321
DOI: 10.1109/ISIAS.2010.5604062

Actions (login required)

View Item View Item