Privacy-Aware Role Based Access Control Model: Revisited for Multi-Policy Conflict Detection

Abstract

Privacy-aware Role-based Access Control (P-RBAC) model is one of Role-Based Access Control (RBAC) model extensions that has been proposed to help the enforcement of privacy policies. Despite the enhanced privacy protection mechanism by P-RBAC, its pair-wise policy conflict detection algorithm has been pointed out as one of its limitations because conflicts within more than two policies are not detected. In this paper, we review and extend P-RBAC's existing conflict detection algorithm so that it can check conflicts in multiple policies. Our review includes the performance comparison on two conflict detection algorithms, triple-policy conflict detection vs. double-policy conflict detection. We find out that as the number of policies increases and the number of same condition variables in the policies increases, the running time complexity gets bigger. Especially for tripe-policy conflict, the probability of triple policy conflict also affects the complexity.