Abstract: This paper discusses static access control policy conflict detection of Attribute Based Access Control(ABAC) in the distributed computing environment, proposes a static policy conflict detection algorithm based on policy attributes decomposition. Policy attributes are decomposed and the graph of policy attributes decomposition is constructed. The intersection relationship between predicates of policy attribute is judged. The algorithm detects policy conflicts by the definition of static policy conflict which improves extensibility and achievability. Experimental result indicates that the policy conflict detection rate of proposed algorithm can reach 85%.
Attribute Based Access Control(ABAC) model,
policy attributes decomposition,