Skip to main content
SpringerLink
Log in

Inconsistency Detection of Authorization Policies in Distributed Component Environment

  • Conference paper
Book cover Information Security Applications (WISA 2004)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 3325))

Included in the following conference series:

Abstract

In distributed component environment, a Role-Based Access Control (RBAC) server manages all authorization policies of components in the same domains whereas the components are distributed to an application server on a network with their authorization policies. It is necessary to detect inconsistency between the authorization policies of the RBAC server and the distributed components to guarantee the authorization policy integrity while system configuration and policies are changing. In this paper, an inconsistency detection method between the two authorization policies is proposed. Conditions of guaranteeing consistency are investigated to detect the inconsistencies and validated in a case study.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Ahn, G.-J., Sandhu, R.: Role-Based Authorization Constraints Specification. ACM Transactions on Information and System Security 3(4), 207–226 (2000)

    Article  Google Scholar 

  2. Beznosov, K., Deng, Y.: A Framework for Implementing Role-based Access Control Using CORBA Security Service. In: Proceedings of the Fourth ACM Workshop on Role-Based Access Control, Fairfax, Virginia, USA, October 1999, pp. 19–30 (1999)

    Google Scholar 

  3. Ferraiolo, D.F., et al.: Role-Based Access Control. Artech House (2003)

    Google Scholar 

  4. Ferraiolo, D.F., Sandhu, R., Gavrila, S.: Proposed NIST Standard for Role- Based, Access Control. ACM Transactions on Information and System Security 4(3), 224–274 (2001)

    Article  Google Scholar 

  5. Hartman, B., et al. (eds.): Enterprise Security with EJB and CORBA, ch. 8, Scaleable Security Policies. Wiley, Chichester (2001)

    Google Scholar 

  6. Moon, C.-J., Park, D.-H., Park, S.-J., Baik, D.-K.: Symmetric RBAC Model that Takes the Separation of Duty and Role Hierarchies into Consideration. Computers & Security 23(2), 126–136 (2004)

    Article  Google Scholar 

  7. Osborn, S., Sandhu, R., Munawer, Q.: Configuring Role-Based Access Control to Enforce Mandatory and Discretionary Access Control Policies. ACM Transactions on Information and System Security 3(2), 85–106 (2000)

    Article  Google Scholar 

  8. OMG, CORBA Component Model, v3.0, ch1 Component Model

    Google Scholar 

  9. Sandhu, R.S., Coynek, E.J., Feinsteink, H.L., Youmank, C.E.: Role-Based Access Control Models. IEEE Computer 29(2), 38–47 (1996)

    Google Scholar 

  10. Sandhu, R., Ferraiolo, D., Kuhn, R.: The NIST Model for Role-Base Access Control: Toward A Unified Standard. ACM Transactions on Information and System Security 4(3) (August 2001)

    Google Scholar 

  11. Sun Microsystems, Enterprise JavaBeansTM Specification Version 2.1, ch4 Enterprise Beans as components

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Center for Information Security Technologies (CIST), Korea University, Anam Dong, Sungbuk Gu, Seoul, Korea

    Chang-Joo Moon

  2. Department of Computer Science & Engineering, Korea University, Anam Dong, Sungbuk Gu, Seoul, Korea

    Hoh Peter In

Authors
  1. Chang-Joo Moon
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Hoh Peter In
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Dept. of Computer Engineering, Sejong University, 143-747, Seoul, Korea

    Chae Hoon Lim

  2. Computer Science Department, Google Inc. and Columbia University, 1214 Amsterdam Avenue, 10027, New York, NY, USA

    Moti Yung

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Moon, CJ., In, H.P. (2005). Inconsistency Detection of Authorization Policies in Distributed Component Environment. In: Lim, C.H., Yung, M. (eds) Information Security Applications. WISA 2004. Lecture Notes in Computer Science, vol 3325. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-31815-6_4

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-31815-6_4

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-24015-0

  • Online ISBN: 978-3-540-31815-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation