Detection of Multiple-Duty-Related Security Leakage in Access Control Policies
Source: North Carolina State University
Access control mechanisms control which subjects (Such as users or processes) has access to which resources. To facilitate managing access control, policy authors increasingly write access control policies in XACML. Access control policies written in XACML could be amenable to multiple-duty-related security leakage, which grants unauthorized access to a user when the user takes multiple duties (e.g., Multiple roles in role-based access control policies). To help policy authors detect multiple-duty-related security leakage, the authors develop a novel framework that analyzes policies and detects cases that potentially cause the leakage.
| Format: | Size: | 284.80 | |
| Date: | Jun 2009 |
People who downloaded this item also downloaded
- Securing Visitor Access Through Network Access Control Technology
- Insider Risk Management: A Framework Approach to Internal Security
- Managing Third Party Risk
- Access Control Industry Best Practices
- Using the IBM Security Blueprint to Address Business Risks for Employee Offboarding
