Sciweavers

SACMAT
2006
ACM

Constraint generation for separation of duty

Separation of Duty (SoD) is widely recognized to be a fundamental principle in computer security. A Static SoD (SSoD) policy states that in order to have all permissions necessary to complete a sensitive task, the cooperation of at least a certain number of users is required. In Role-Based Access Control (RBAC), Statically Mutually Exclusive Role (SMER) constraints are used to enforce SSoD policies. This paper studies the problem of generating sets of constraints that (a) enforce a set of SSoD policies, (b) are compatible with the existing role hierarchy, and (c) are minimal in the sense that there is no other constraint set that is less restrictive and satisfies (a) and (b).

Categories and Subject Descriptors: D.4.6 [Operating Systems]: Security and Protection—Access controls; K.6.5 [Management of Computing and Information Systems]: Security and Protection

General Terms: Algorithms, Security

Keywords: role based access control, separation of duty, constraints

Hong Chen, Ninghui Li
Added 14 Jun 2010
Updated 14 Jun 2010
Type Conference
Year 2006
Where SACMAT