Modular Composition of Access Control Policies: A Framework to Build Multi-Site Multi-Level Combinations

被引:0
|
作者
Bertolissi, Clara [1 ]
Fernandez, Maribel [2 ]
机构
[1] Univ Aix Marseille, CNRS, UMR 7020, Marseille, France
[2] Kings Coll London, London, England
来源
PROCEEDINGS OF THE 27TH ACM SYMPOSIUM ON ACCESS CONTROL MODELS AND TECHNOLOGIES, SACMAT 2022 | 2022年
关键词
Access Control; Policy Composition; Policy Administration; Policy Analysis; Category-Based Access Control;
D O I
10.1145/3532105.3535043
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
We present general notions of access control policy composition using the CBAC model. We show that CBAC provides a uniform framework to define compositions of heterogeneous policies (e.g., RBAC and ABAC policies) as required in many practical situations. Compositions can be built both horizontally (where.. given policies are combined to define a new policy) and vertically (where policies are extended by adding administration layers). We show that under some conditions on the operations used to build the composition, it is possible to ensure that the result preserves desirable properties (such as liveness and effectiveness). We also discuss mechanisms to detect and eliminate conflicts that may arise when composing policies originating from different sources.
引用
收藏
页码:7 / 18
页数:12
相关论文
共 50 条
  • [1] A multi-level classification framework for multi-site medical data: Application to the ADHD-200 collection
    Itani, Sarah
    Lecron, Fabian
    Fortemps, Philippe
    [J]. EXPERT SYSTEMS WITH APPLICATIONS, 2018, 91 : 36 - 45
  • [2] Multi-Site Allocation Policies on a Grid and Local Level
    Dimitriadou, Sofia K.
    Karatza, Helen D.
    [J]. ELECTRONIC NOTES IN THEORETICAL COMPUTER SCIENCE, 2010, 261 : 163 - 179
  • [3] Multi-level access control for collaborative CAD
    Fang, CH
    Peng, W
    Ye, XZ
    Zhang, SY
    [J]. PROCEEDINGS OF THE NINTH INTERNATIONAL CONFERENCE ON COMPUTER SUPPORTED COOPERATIVE WORK IN DESIGN, VOLS 1 AND 2, 2005, : 643 - 648
  • [4] Multi-level Access Control for Geo Contents
    Park, Sun Rae
    Lee, Jong Suk Ruth
    Cho, Kum Won
    Lee, Kyu-Chul
    [J]. CONTROL AND AUTOMATION, AND ENERGY SYSTEM ENGINEERING, 2011, 256 : 183 - +
  • [5] A Multi-level Security Access Control Framework for Cross-Domain Networks
    Zhang, Hongbin
    Chang, Jiang
    Wang, Junshe
    [J]. 2017 IEEE INTERNATIONAL CONFERENCE ON COMPUTATIONAL SCIENCE AND ENGINEERING (CSE) AND IEEE/IFIP INTERNATIONAL CONFERENCE ON EMBEDDED AND UBIQUITOUS COMPUTING (EUC), VOL 2, 2017, : 316 - 319
  • [6] Modular Multi-Level Replanning TAMP Framework for Dynamic Environment
    Lin, Tao
    Yue, Chengfei
    Liu, Ziran
    Cao, Xibin
    [J]. IEEE ROBOTICS AND AUTOMATION LETTERS, 2024, 9 (05) : 4234 - 4241
  • [7] A framework for multi-level modeling and optimization of modular hierarchical systems
    Wagner, Tobias
    Biermann, Dirk
    [J]. RESEARCH AND INNOVATION IN MANUFACTURING: KEY ENABLING TECHNOLOGIES FOR THE FACTORIES OF THE FUTURE - PROCEEDINGS OF THE 48TH CIRP CONFERENCE ON MANUFACTURING SYSTEMS, 2016, 41 : 159 - 164
  • [8] A multi-level and multi-site mesh refinement method for the 2D problems with microstructures
    Li, Dinghe
    Wang, Zhenming
    Zhang, Chao
    [J]. MECHANICS OF ADVANCED MATERIALS AND STRUCTURES, 2021, 28 (14) : 1462 - 1479
  • [9] A Study on Energy Balancing and Control of Modular Multi-Level Converters
    Fawzi, M.
    Kalas, A. E.
    Elfar, H.
    Elbakssawy, O.
    [J]. PROCEEDINGS OF 2016 EIGHTEENTH INTERNATIONAL MIDDLE EAST POWER SYSTEMS CONFERENCE (MEPCON), 2016, : 164 - 170
  • [10] Control of the Modular Multi-Level Converter for Minimized Cell Capacitance
    Engel, Stefan P.
    De Doncker, Rik W.
    [J]. PROCEEDINGS OF THE 2011-14TH EUROPEAN CONFERENCE ON POWER ELECTRONICS AND APPLICATIONS (EPE 2011), 2011,
12345