Authors: Jun Dong; Qiang Zhao
Addresses: Hebei Vocational Art College, Shijiazhuang 050011, China ' Department of Mathematics and Computer Science, Baoding University, Baoding, Hebei 071000, China
Abstract: The research of this article is ensuring the security implementation of multi-domain secure access control behaviour, through the study on unified description language for security policy, strategy conflict classification and strategy conflict detection. Based on current related technologies and combined with the feature of multi-domain system, the framework of access control strategy management is proposed, which specified the content of access control management. We adopt XACML that has better across-platform and scalability to describe the policy uniformly. Then access control policy description template based on XACML is provided and the security policy conflict is classified reasonably according to the factors causing conflict. Then we put forward a model to detect the inconsistency of RBAC and RH in time and space constraint, to design an access control model which needs pruning and collection. It uses logic analysis to strength the conflict detection for developing security policy integration. The simulation shows our work can provide filter on quantities of irrelevant policy and return potential policies to solute the conflict.
Keywords: access control; multi-domain; XACML; conflict detection; inconsistency; RBAC.
International Journal of Internet Protocol Technology, 2018 Vol.11 No.1, pp.44 - 50
Received: 30 Aug 2017
Accepted: 22 Oct 2017
Published online: 04 May 2018 *