Global Static Separation of Duty in Multi-domains
出版社:
- 会议名称:The 2009 International Conference on Multimedia Information NEtworking and Security (MINES 2009)
- 举办地点:Wuhan,China
- 举办日期:November 18-20, 2009
- 页数:506-509
摘要内容:
Separation of duty (SoD) is an important control principle in computer security. In the context of role-based access control, the Static SoD (SSoD) policies can be enforced by Statically Mutually Exclusive Roles (SMER) constraints. This paper studies the problem of SSoD in multi-domains in the context of IRBAC model firstly. Then investigates a question related to multi-domains: the Global SSoD (GSSoD) policy in order to satisfy the global requirements. It shows that directly enforce the problem is coNP-complete. Finally, enforcing GSSoD policies by the Global Statically Mutually Exclusive Roles (GSMER) constraints in IRBAC model is given.
关键词:
- Separation of Duty; global static separation of duty;global statically mutually exclusive roles
