Abstract
In distributed component environment, a Role-Based Access Control (RBAC) server manages all authorization policies of components in the same domains whereas the components are distributed to an application server on a network with their authorization policies. It is necessary to detect inconsistency between the authorization policies of the RBAC server and the distributed components to guarantee the authorization policy integrity while system configuration and policies are changing. In this paper, an inconsistency detection method between the two authorization policies is proposed. Conditions of guaranteeing consistency are investigated to detect the inconsistencies and validated in a case study.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Ahn, G.-J., Sandhu, R.: Role-Based Authorization Constraints Specification. ACM Transactions on Information and System Security 3(4), 207–226 (2000)
Beznosov, K., Deng, Y.: A Framework for Implementing Role-based Access Control Using CORBA Security Service. In: Proceedings of the Fourth ACM Workshop on Role-Based Access Control, Fairfax, Virginia, USA, October 1999, pp. 19–30 (1999)
Ferraiolo, D.F., et al.: Role-Based Access Control. Artech House (2003)
Ferraiolo, D.F., Sandhu, R., Gavrila, S.: Proposed NIST Standard for Role- Based, Access Control. ACM Transactions on Information and System Security 4(3), 224–274 (2001)
Hartman, B., et al. (eds.): Enterprise Security with EJB and CORBA, ch. 8, Scaleable Security Policies. Wiley, Chichester (2001)
Moon, C.-J., Park, D.-H., Park, S.-J., Baik, D.-K.: Symmetric RBAC Model that Takes the Separation of Duty and Role Hierarchies into Consideration. Computers & Security 23(2), 126–136 (2004)
Osborn, S., Sandhu, R., Munawer, Q.: Configuring Role-Based Access Control to Enforce Mandatory and Discretionary Access Control Policies. ACM Transactions on Information and System Security 3(2), 85–106 (2000)
OMG, CORBA Component Model, v3.0, ch1 Component Model
Sandhu, R.S., Coynek, E.J., Feinsteink, H.L., Youmank, C.E.: Role-Based Access Control Models. IEEE Computer 29(2), 38–47 (1996)
Sandhu, R., Ferraiolo, D., Kuhn, R.: The NIST Model for Role-Base Access Control: Toward A Unified Standard. ACM Transactions on Information and System Security 4(3) (August 2001)
Sun Microsystems, Enterprise JavaBeansTM Specification Version 2.1, ch4 Enterprise Beans as components
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Moon, CJ., In, H.P. (2005). Inconsistency Detection of Authorization Policies in Distributed Component Environment. In: Lim, C.H., Yung, M. (eds) Information Security Applications. WISA 2004. Lecture Notes in Computer Science, vol 3325. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-31815-6_4
Download citation
DOI: https://doi.org/10.1007/978-3-540-31815-6_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-24015-0
Online ISBN: 978-3-540-31815-6
eBook Packages: Computer ScienceComputer Science (R0)