Authorisation and Conflict Resolution for Hierarchical Domains

Eighth IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY'07) Pub Date : 2007-06-01 DOI:10.1109/POLICY.2007.8

G. Russello, Changyu Dong, Naranker Dulay

{"title":"Authorisation and Conflict Resolution for Hierarchical Domains","authors":"G. Russello, Changyu Dong, Naranker Dulay","doi":"10.1109/POLICY.2007.8","DOIUrl":null,"url":null,"abstract":"In this paper we generalise the authorisation policy model supported by the Ponder policy language for hierarchically organised domains of managed objects to support subject-based policies and return policies. We describe the authorisation conflicts that can occur and present a strategy to automatically resolve them. In our model each action has four endpoints: the subject call, the subject return, the target call and the target return. Each endpoint can have associated policies which are used to define constraints on which subjects are permitted to call which targets, and what is permitted to be transferred between subjects and targets. Subject-based policies aim to protect the subject from untrusted targets, while target-based policies aim to protect the target from unauthorised subjects. Subject-based policies are defined for and enforced by the subject's PEP, while target-based policies are defined for and enforced by the target's PEP. Although subject-based and target-based policies are separated, they are uniformly specified in our framework.","PeriodicalId":240693,"journal":{"name":"Eighth IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY'07)","volume":"31 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2007-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"69","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Eighth IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY'07)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/POLICY.2007.8","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 69

Abstract

In this paper we generalise the authorisation policy model supported by the Ponder policy language for hierarchically organised domains of managed objects to support subject-based policies and return policies. We describe the authorisation conflicts that can occur and present a strategy to automatically resolve them. In our model each action has four endpoints: the subject call, the subject return, the target call and the target return. Each endpoint can have associated policies which are used to define constraints on which subjects are permitted to call which targets, and what is permitted to be transferred between subjects and targets. Subject-based policies aim to protect the subject from untrusted targets, while target-based policies aim to protect the target from unauthorised subjects. Subject-based policies are defined for and enforced by the subject's PEP, while target-based policies are defined for and enforced by the target's PEP. Although subject-based and target-based policies are separated, they are uniformly specified in our framework.

查看原文本刊更多论文

分层域的授权和冲突解决

在本文中，我们将由Ponder策略语言支持的授权策略模型推广到管理对象的分层组织领域，以支持基于主题的策略和返回策略。我们描述了可能发生的授权冲突，并提出了自动解决这些冲突的策略。在我们的模型中，每个操作都有四个端点:主题调用、主题返回、目标调用和目标返回。每个端点都可以有关联的策略，这些策略用于定义约束，这些约束允许哪些主体调用哪些目标，以及哪些内容可以在主体和目标之间传输。基于主体的策略旨在保护主体免受不可信目标的攻击，而基于目标的策略旨在保护目标免受未授权主体的攻击。基于主题的策略是为主题的PEP定义并由其执行的，而基于目标的策略是为目标的PEP定义并由其执行的。尽管基于主题和基于目标的策略是分开的，但它们在我们的框架中是统一指定的。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Eighth IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY'07)

自引率

0.00%

发文量