Abstract:
With respect to conflict problems raised when implementing security principals such as separation of duty, least privilege in RBAC, this paper formalizes five RBAC policy conflict types, discusses causing reasons, and proposes a conflict detecting algorithm as well as simulation results, which can effectively detect conflicts defined in this paper. The work in this paper provides the basis for implementation for RBAC conflict detection.
Key words:
RBAC policy,
policy conflict,
detection algorithm
摘要: 针对RBAC模型在实施职责分离、最小特权等安全原则时引起的冲突问题,形式化定义5种RBAC策略冲突类型,分析策略冲突产生的原因,提出一种完整的策略冲突检测算法并进行仿真测试。结果表明,该算法能够有效检测定义的各类策略冲突,为RBAC策略冲突检测实施提供基础。
关键词:
RBAC策略,
策略冲突,
检测算法
CLC Number:
CHENG Xiang-Ran, CHEN Xing-Yuan, ZHANG Bin, YANG Yan. Research on RBAC Policy Conflict and Its Detection Algorithm[J]. Computer Engineering, 2010, 36(18): 135-137.
程相然, 陈性元, 张斌, 杨艳. RBAC策略冲突及其检测算法的研究[J]. 计算机工程, 2010, 36(18): 135-137.