Sciweavers

IEEEARES
2010
IEEE

Strategies for Reducing Risks of Inconsistencies in Access Control Policies

14 years 6 months ago
Strategies for Reducing Risks of Inconsistencies in Access Control Policies
—Managing access control policies is a complex task. We argue that much of the complexity is unnecessary and mostly due to historical reasons. There are number of legacy policy specification languages that all have limitations of some kind. These limitations have forced policy implementers to use certain styles of writing policies, often resulting in inconsistencies. The detection and resolution of these inconsistencies has been widely researched and many solutions have been found. This paper highlights new possibilities for avoiding inconsistencies, drawing on the expressive power allowed in the condition field of rules in modern languages such as XACML. In particular, we show that making use of this expressive power has many advantages—it allows organizations to considerably reduce the number of policies and rules required to protect company assets; it provides improved views and summaries of related policies; and it allows increased scalability of analysis tools, such as tools t...
Bernard Stepien, Stan Matwin, Amy P. Felty
Added 17 May 2010
Updated 17 May 2010
Type Conference
Year 2010
Where IEEEARES
Authors Bernard Stepien, Stan Matwin, Amy P. Felty
Comments (0)