Welcome to the InfoSci Platform
Reference Hub2
A Practical Framework for Policy Composition and Conflict Resolution

A Practical Framework for Policy Composition and Conflict Resolution

Ousmane Amadou Dia, Csilla Farkas
Copyright: © 2012 |Volume: 3 |Issue: 4 |Pages: 26
ISSN: 1947-3036|EISSN: 1947-3044|EISBN13: 9781466614000|DOI: 10.4018/jsse.2012100101
Cite Article Cite Article

MLA

Dia, Ousmane Amadou, and Csilla Farkas. "A Practical Framework for Policy Composition and Conflict Resolution." IJSSE vol.3, no.4 2012: pp.1-26. http://doi.org/10.4018/jsse.2012100101

APA

Dia, O. A. & Farkas, C. (2012). A Practical Framework for Policy Composition and Conflict Resolution. International Journal of Secure Software Engineering (IJSSE), 3(4), 1-26. http://doi.org/10.4018/jsse.2012100101

Chicago

Dia, Ousmane Amadou, and Csilla Farkas. "A Practical Framework for Policy Composition and Conflict Resolution," International Journal of Secure Software Engineering (IJSSE) 3, no.4: 1-26. http://doi.org/10.4018/jsse.2012100101

Export Reference

Mendeley
Favorite Full-Issue Download

Abstract

In collaborative environments where resources must be shared across multiple sites, the access control policies of the participants must be combined in order to define a coherent policy. The relevant challenge in composing access policies is to deal with inconsistencies or modality conflicts. This difficulty exacerbates when the policies to compose are specified independently by different entities with no global power to decide in case of conflicts which entity must take precedence. This paper presents a semi-automated framework called Policy Composition and Conflict Resolution framework (P2CR) to address this issue. They focus on access control policies expressed as XACML statements. The authors propose a three-level conflicts resolution strategy: i) by using metadata added to the policies, ii) by using a defeasible logic theory, and iii) by providing recommendations to the entities owners of the resources. First, they provide a mechanism to add metadata to XACML. Second, they combine the access policies without prioritizing any of the entities involved in the composition. Given the context of the authors’ work, they consider this approach to be more suitable than the current approaches that are mainly negotiation-oriented or assign priorities to the policies. Finally, the resulting composite policy appears flexible and easily adjustable to runtime conflicts.

Request Access

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.