Semantic web technologies to aid dominance detection for access control policies

Semantic web technologies to aid dominance detection for access control policies

We present a dominance detection algorithm as part of a policy authoring process that makes extensive use of semantic models to perform a novel dominance detection of access control policies, where groups of deployed policies are considered in unison to discover redundancy. The approach is targeted...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Barron, Jason, Davy, Steven
Format: Tagungsbericht
Sprache:eng
Schlagworte:
Access control
Algorithm design and analysis
Computational modeling
Ontologies
Optimization
Redundancy
Semantics
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:We present a dominance detection algorithm as part of a policy authoring process that makes extensive use of semantic models to perform a novel dominance detection of access control policies, where groups of deployed policies are considered in unison to discover redundancy. The approach is targeted towards the pre-deployment stage of the policy authoring process and aims to help prevent the introduction of redundant policies into the system. To achieve this, semantic queries are executed over instances of new and deployed policy elements in order to select matching elements for further analysis. The semantic queries may return a large number of deployed policy elements so we present an algorithm that prunes the search space to reduce the problem size. We show that for large sets of deployed policies, we can discover relatively large sets that are considered dominant.
ISSN:1573-0077