Modality conflict analysis in XACML policy evaluation

Citation

Teo, Poh Kuang and Ibrahim, Hamidah and Sidi, Fatimah and Udzir, Nur Izura (2017) Modality conflict analysis in XACML policy evaluation. In: 6th International Conference on Computing and Informatics (ICOCI 2017), 25-27 Apr. 2017, Kuala Lumpur, Malaysia. (pp. 708-713).

Abstract

Modality conflict is one of the main issues in policy evaluation. Modality conflict arises when two or more policies that refer to the same subject, action, and resource but with modalities of opposite sign. Authorizations could be propagated according to the inheritance relationships between concepts not only based on subject, resource, and action, but also condition. Identifying the applicable policies and detecting the modality conflict when temporal and spatial constraints are specified in the policies have not received enough attention. Hence, in this paper an authorization propagation rule is proposed to identify the applicable policies during policy evaluation, which relies on inheritance relationships between concepts, on the basis of the partially ordered structures obtained by classifying subject, resource, action, and condition attributes. An effective authorization propagation rule can detect most of the modality conflicts that occur among the applicable policies.

Download File

Text
PID46-708-713e.pdf
Restricted to Repository staff only
Download (677kB)

Additional Metadata

Item Type:	Conference or Workshop Item (Paper)
Divisions:	Faculty of Computer Science and Information Technology
Publisher:	School of Computing, UUM College of Arts and Sciences
Keywords:	Modality conflict; Authorization propagation; Inheritance
Depositing User:	Nabilah Mustapa
Date Deposited:	05 Jul 2018 09:35
Last Modified:	05 Jul 2018 09:35
URI:	http://psasir.upm.edu.my/id/eprint/64451
Statistic Details:	View Download Statistic

Actions (login required)

View Item