Research on Checking and Digesting Policy Conflicts Under Multi-Policy Environments
|School||Huazhong University of Science and Technology|
|Course||Applied Computer Technology|
|Keywords||Access Control Policy conflicts Non-uniform conflict Collision detection Conflict Resolution|
Access control technology to protect the security of the system , through the development of some kind of control strategy and its main purpose is to protect system resources from unauthorized users to access or unauthorized access by legitimate users . Multiple access control policies , however , probably because of the different needs of different access authorization results . These inconsistencies will lead to policy conflicts . If a system policy conflict will lead to policy failure because of conflict . When the presence of a large number of policy conflict , it will cost a lot of system resources , and even cause the system to crash . Most studies on policy conflict at home and abroad are use policy description language , complete the appropriate conflict detection and resolution by way of logical deduction . These studies are often only a single access control policy conflict model . The strategy of conflict under the combined effect of a variety of access control model is relatively scant . In response to these issues , the proposed policy conflict detection and a multi- strategy support digestion model directed graph model , the policy conflict detection problem into subject and object domain to figure seeking node connectivity node , and then the strategy portfolio complete policy conflict digestion . For non- conformance of access control system security policy and the effectiveness of strategies coexist conflict , a priority-based conflict digestion . The digestion methods quickly and efficiently to ensure that when the strategy of a relatively small number of complete non - conformance conflicts digestion process . Finally , based on a combination of these theoretical studies to achieve policy analysis module of the the tag library system of secure access to multi-strategy , the completion of the Detection and Resolution Algorithm .