Title: Handling inheritance violation for secure interoperation of heterogeneous systems
Authors: Hejiao Huang, Helene Kirchner, Songyun Liu, Weili Wu
Addresses: Harbin Institute of Technology, Shenzhen Graduate School, China. ' INRIA Bordeaux Sud-Ouest, France. ' Harbin Institute of Technology, Shenzhen Graduate School, China. ' Department of Computer Science, University of Texas at Dellas, USA
Abstract: In multiple heterogeneous systems, one of key challenges of integrating policies is the conflict detection and resolution while preserving individual policy consistency. In this paper, the inheritance hierarchy of a security policy is formulated with a directed graph. Solving Inheritance Violation Problem (IVP) is formulated as a feedback arc set problem, which is NP-hard. Then some classical approximation algorithms are introduced. The IVP in two interoperating domains is converted into the problem of finding a minimum weight vertex cover problem in a bipartite graph, which is polynomial-time solvable.
Keywords: secure interoperation; hierarchical RBAC; vertex cover; feedback set problem; inheritance violation; heterogeneous systems; security policy; conflict detection; conflict resolution; policy consistency.
International Journal of Security and Networks, 2009 Vol.4 No.4, pp.223 - 233
Published online: 22 Sep 2009 *
Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article