Abstract. In recent security architectures, the security policy may not be evaluated in a centralized way but may instead require negotiation between the subject requesting access and the access controller. This negotiation is generally based on exchanging credentials between the parties so that the access controller can decide to accept or deny the requested access. Previous proposals in this field generally assume, implicitly or explicitly, that the access control policy only contains permissions. In this paper, we present a new approach to negotiation when the security policy contains both permissions and prohibitions. In this case, we claim that it would not be fair to ask for credentials to directly activate prohibitions. Thus, our approach consists in rewriting the policy into an equivalent one that only contains permissions. Since the rewritten policy specifies negative conditions, we then show how to define strategies to negotiate these negative conditions.
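
A small illustration of the rewriting idea, added here and not taken from the paper: it assumes prohibitions override permissions, models each rule as a set of required credentials, and uses constructed credential names. It rewrites the mixed policy into permission-only rules with negated conditions and checks that both policies decide identically on every credential set.

```python
from itertools import chain, combinations

# Constructed sample policy (not from the paper). Each rule is a set of
# credentials that must all be presented for the rule to be activated.
PERMISSIONS = [{"employee"}, {"contractor", "nda_signed"}]
PROHIBITIONS = [{"under_investigation"}, {"contractor", "competitor_staff"}]


def decide_original(creds):
    """Mixed policy. Assumption: an activated prohibition overrides permissions."""
    if any(p <= creds for p in PROHIBITIONS):
        return False
    return any(p <= creds for p in PERMISSIONS)


def rewrite(permissions, prohibitions):
    """Return permission-only rules as (required, negated) pairs: a rule holds
    if all of `required` is presented and, for every set in `negated`,
    at least one credential of that set is absent."""
    return [(set(req), [set(n) for n in prohibitions]) for req in permissions]


def decide_rewritten(rules, creds):
    """Evaluate the permission-only policy; there is no prohibition pass."""
    return any(req <= creds and all(not neg <= creds for neg in negs)
               for req, negs in rules)


def equivalent(rules):
    """Compare both policies on every subset of the credential universe."""
    universe = sorted(set().union(*PERMISSIONS, *PROHIBITIONS))
    subsets = chain.from_iterable(
        combinations(universe, k) for k in range(len(universe) + 1))
    return all(decide_original(set(s)) == decide_rewritten(rules, set(s))
               for s in subsets)


REWRITTEN = rewrite(PERMISSIONS, PROHIBITIONS)

if __name__ == "__main__":
    print("equivalent:", equivalent(REWRITTEN))
    for req, negs in REWRITTEN:
        print("permit if", sorted(req),
              "and no set fully held among", [sorted(n) for n in negs])
```

The negated sets are the negative conditions the abstract mentions: they concern credentials the subject must not hold, which cannot be established simply by asking the subject to present them.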