Abstract
This paper gives firstly an introduction about the consistency of an Access Control List (ACL). It uses triples or in other words, in three dimensions and their corresponding decisions to describe the access control rules, i.e. ACL entries. We present then and justify the mathematical definitions of an ACL and its related components and discuss its consistency, two theorems about the consistency of the ACL. Thirdly the paper discusses verification of the consistency of the ACL and a new method used to verify the consistency of the ACL derived from the theorems in use. The method obtained here is a theoretical approach. In the conclusion, we point out that in a practical system, verification of the consistency of the ACL is necessary and the method is an effective and efficient one, further measures should be taken and study should be continued to reduce the amount of computation needed to examine the consistency of the ACL.
Supported by the National Natural Science Foundation of China under Grant No.90104033.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
T. Ryutov and C. Neuman. Representation and Evaluation of Security Policies for Distributed System Services. In proceeding of the DARPA Information survivability conference Exposition, January 2000. Hilto Head, South Carolina.
R. S. Sandhu and P. Samarati. Access control: principles and practice. IEEE Computer, 40–48, Sept 1994.
S. M. Bellovin and W. R. Cheswick. Firewalls and Internet Security. Addison-Wesley Publishing Company, Inc., 1994.
HONG Fan and FU Xiao-qing, Discrete Mathematics. Huazhong University of Science &Technology publishing company, 1995.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2002 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Li, Sp., Wu, Sz., Guo, T. (2002). The Consistency of an Access Control List. In: Deng, R., Bao, F., Zhou, J., Qing, S. (eds) Information and Communications Security. ICICS 2002. Lecture Notes in Computer Science, vol 2513. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36159-6_31
Download citation
DOI: https://doi.org/10.1007/3-540-36159-6_31
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-00164-5
Online ISBN: 978-3-540-36159-6
eBook Packages: Springer Book Archive