Conference Topic

RBAC Permission Consistency Static Analysis Framework

Role-Based Access Control (RBAC) is a mainstream access control method for software systems. After RBAC policies are formulated, permissions may be inconsistent between the RBAC policies and the practical execution paths. First, we defined the concept of RBAC permission consistency, together with the concepts of execution path, Role Requirement array, Role Holding vector, etc. On this basis, we proposed the RBAC Permission Consistency Static Analysis Framework, and proposed and proved decision theorems for permission consistency and for the Least Privilege principle. This paper's contributions include a theoretical framework for RBAC permission consistency verification and a methodology for deciding the Least Privilege principle.

Keywords: permission consistency; access control; static analysis; Least Privilege principle.

WANG Tao, LI Wei-hua, LIU Zun

School of Computer Science and Technology, Northwestern Polytechnical University, Xi’an, China

International conference

2010 IEEE International Conference on Multimedia Information Networking and Security

Nanjing

English

506-510

2010-11-01 (date first posted online on the Wanfang platform; does not represent the paper's publication date)