For Full-Text PDF, please login, if you are a member of IEICE,|
or go to Pay Per View on menu list, if you are a nonmember of IEICE.
Inconsistency Resolution Method for RBAC Based Interoperation
Chao HUANG Jianling SUN Xinyu WANG Di WU
IEICE TRANSACTIONS on Information and Systems
Publication Date: 2010/05/01
Online ISSN: 1745-1361
Print ISSN: 0916-8532
Type of Manuscript: Special Section PAPER (Special Section on Information and Communication System Security)
role based access control, security inconsistency, role mapping, inconsistency detection, inconsistency resolution,
Full Text: PDF(518.7KB)>>
In this paper, we propose an inconsistency resolution method based on a new concept, insecure backtracking role mapping. By analyzing the role graph, we prove that the root cause of security inconsistency in distributed interoperation is the existence of insecure backtracking role mapping. We propose a novel and efficient algorithm to detect the inconsistency via finding all of the insecure backtracking role mappings. Our detection algorithm will not only report the existence of inconsistency, but also generate the inconsistency information for the resolution. We reduce the inconsistency resolution problem to the known Minimum-Cut problem, and based on the results generated by our detection algorithm we propose an inconsistency resolution algorithm which could guarantee the security of distributed interoperation. We demonstrate the effectiveness of our approach through simulated tests and a case study.