Handling Inheritance Violation for Secure Interoperation of Heterogeneous Systems

Hejiao Huang Helene Kirchner 1 Songyun Liu Weili Wu
1 PROTHEO - Constraints, automatic deduction and software properties proofs
INRIA Lorraine, LORIA - Laboratoire Lorrain de Recherche en Informatique et ses Applications
Abstract : In a multiple domains application environment, where distributed multiple heterogeneous systems interoperate with each other, the local access control policies should correspondingly be integrated together in order to allow users of one organization to interact with other domains. One of key challenges of integrating policies is the conflict detection and resolution while preserving individual policy consistency. This paper addresses the problem of detecting and resolving inheritance violation in the interoperation of multiple heterogeneous systems. In this paper, the inheritance hierarchy of a security policy is formulated with a directed graph. Solving inheritance violation problem (IVP) is formulated as a feedback arc set problem, which is NP-hard. Then some classical approximation algorithms are introduced. The IVP in two interoperating domains is converted into the problem of finding a minimum weight vertex cover problem in a bipartite graph, which is polynomial-time solvable.
Type de document :
Article dans une revue
International Journal of Security and Networks, Inderscience, 2007, 4 (4), pp.223-233
Liste complète des métadonnées

https://hal.inria.fr/inria-00433391
Contributeur : Helene Kirchner <>
Soumis le : jeudi 19 novembre 2009 - 10:45:52
Dernière modification le : jeudi 11 janvier 2018 - 06:19:58

Identifiants

  • HAL Id : inria-00433391, version 1

Collections

Citation

Hejiao Huang, Helene Kirchner, Songyun Liu, Weili Wu. Handling Inheritance Violation for Secure Interoperation of Heterogeneous Systems. International Journal of Security and Networks, Inderscience, 2007, 4 (4), pp.223-233. 〈inria-00433391〉

Partager

Métriques

Consultations de la notice

212