Obligation Constraints in Access Control
We introduce the notion of obligation constraints in the context of access control systems. Such constraints requires that in order to have all permissions necessary to complete a sensitive task, the cooperation of at least a certain number of users is required. In this paper, we formally define the notion of obligation constraints, strict obligation constraints, and introduce the obligation satisfy checking problem (OSCP), which asks whether an access control state satisfies a given obligation constraint, and show that it is intractable (NPcomplete). We present an improvement algorithm for OSCP, the algorithm uses preprocessing and static pruning techniques that reduce the number of users that need to be considered. Furthermore, we design and evaluate an improvement algorithm for solving OSCP.
Obligation constraint computational complexity access control
Zongda Wu Jianfeng Lu Chenglang Lu
Oujiang College, Wenzhou University, Wenzhou, Zhejiang, China. Department of computer science, Zhejiang Normal University, Jinhua, Zhejiang, China.
国际会议
南京
英文
335-339
2010-11-01(万方平台首次上网日期,不代表论文的发表时间)