{"title":"一种新的策略隐藏和策略一致性检测方法","authors":"Deqing Zou, Zhensong Liao","doi":"10.1109/ISA.2008.39","DOIUrl":null,"url":null,"abstract":"Automated trust negotiation (ATN) is a new means to establish trust relationship through the mutual exchange of access control policy and credentials in the open and distributed environments. In ATN, access control policy plays a key role in protecting resources from unauthorized access. In practice, a policy may contain sensitive information, and its disclosure may cause damages. In order to protect the sensitive policy or its content, the policy is usually designed complex. Even worse, the policy may be self contradictory, which would lead the negotiation to fail. To solve such a problem, a new approach for checking policy consistency is proposed in the paper. In the approach, we analyze why the policy inconsistency happens and specify how to avoid it by simplifying a compound policy. Meanwhile, the approach is proved useful to hide policy by presenting some useful theorems to generate minimal policy set and credential set.","PeriodicalId":212375,"journal":{"name":"2008 International Conference on Information Security and Assurance (isa 2008)","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2008-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"A New Approach for Hiding Policy and Checking Policy Consistency\",\"authors\":\"Deqing Zou, Zhensong Liao\",\"doi\":\"10.1109/ISA.2008.39\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Automated trust negotiation (ATN) is a new means to establish trust relationship through the mutual exchange of access control policy and credentials in the open and distributed environments. In ATN, access control policy plays a key role in protecting resources from unauthorized access. In practice, a policy may contain sensitive information, and its disclosure may cause damages. In order to protect the sensitive policy or its content, the policy is usually designed complex. Even worse, the policy may be self contradictory, which would lead the negotiation to fail. To solve such a problem, a new approach for checking policy consistency is proposed in the paper. In the approach, we analyze why the policy inconsistency happens and specify how to avoid it by simplifying a compound policy. Meanwhile, the approach is proved useful to hide policy by presenting some useful theorems to generate minimal policy set and credential set.\",\"PeriodicalId\":212375,\"journal\":{\"name\":\"2008 International Conference on Information Security and Assurance (isa 2008)\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2008-04-24\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2008 International Conference on Information Security and Assurance (isa 2008)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ISA.2008.39\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2008 International Conference on Information Security and Assurance (isa 2008)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISA.2008.39","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A New Approach for Hiding Policy and Checking Policy Consistency
Automated trust negotiation (ATN) is a new means to establish trust relationship through the mutual exchange of access control policy and credentials in the open and distributed environments. In ATN, access control policy plays a key role in protecting resources from unauthorized access. In practice, a policy may contain sensitive information, and its disclosure may cause damages. In order to protect the sensitive policy or its content, the policy is usually designed complex. Even worse, the policy may be self contradictory, which would lead the negotiation to fail. To solve such a problem, a new approach for checking policy consistency is proposed in the paper. In the approach, we analyze why the policy inconsistency happens and specify how to avoid it by simplifying a compound policy. Meanwhile, the approach is proved useful to hide policy by presenting some useful theorems to generate minimal policy set and credential set.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
