{"title":"READ——一种基于决议和溯因的组织协作政策比较方法","authors":"Xiaofeng Xia","doi":"10.1109/BIOMEDCOM.2012.24","DOIUrl":null,"url":null,"abstract":"The policy compliance problem is one of the categories of inconsistency problems existing between access control policies. One of the ways to cope with it is called policy comparison. In this paper we develop and use our approach to perform policy comparison, i.e. when newly specified access control policies for the resources are provided to be compared with certain original policy, we are able to ensure that the noncompliance problem between these newly specified policies and the original policies on the resources will be found. In this paper we propose the READ (Resolution and Abduction based) algorithm to be an approach of finding policy noncompliance. Our approach is based on the resolution and abduction work for Data log rules, and the evaluation of compliance is performed through set implication by Satisfiability Modulo Theories (SMT) Z3 prover. We will illustrate the implementation of READ algorithm with two examples from existing work and one example based on role based access control model.","PeriodicalId":146495,"journal":{"name":"2012 ASE/IEEE International Conference on BioMedical Computing (BioMedCom)","volume":"19 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-12-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"READ -- A Resolution and Abduction Based Approach for Policy Comparison in Organizational Collaboration\",\"authors\":\"Xiaofeng Xia\",\"doi\":\"10.1109/BIOMEDCOM.2012.24\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The policy compliance problem is one of the categories of inconsistency problems existing between access control policies. One of the ways to cope with it is called policy comparison. In this paper we develop and use our approach to perform policy comparison, i.e. when newly specified access control policies for the resources are provided to be compared with certain original policy, we are able to ensure that the noncompliance problem between these newly specified policies and the original policies on the resources will be found. In this paper we propose the READ (Resolution and Abduction based) algorithm to be an approach of finding policy noncompliance. Our approach is based on the resolution and abduction work for Data log rules, and the evaluation of compliance is performed through set implication by Satisfiability Modulo Theories (SMT) Z3 prover. We will illustrate the implementation of READ algorithm with two examples from existing work and one example based on role based access control model.\",\"PeriodicalId\":146495,\"journal\":{\"name\":\"2012 ASE/IEEE International Conference on BioMedical Computing (BioMedCom)\",\"volume\":\"19 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2012-12-14\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2012 ASE/IEEE International Conference on BioMedical Computing (BioMedCom)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/BIOMEDCOM.2012.24\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2012 ASE/IEEE International Conference on BioMedical Computing (BioMedCom)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/BIOMEDCOM.2012.24","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
READ -- A Resolution and Abduction Based Approach for Policy Comparison in Organizational Collaboration
The policy compliance problem is one of the categories of inconsistency problems existing between access control policies. One of the ways to cope with it is called policy comparison. In this paper we develop and use our approach to perform policy comparison, i.e. when newly specified access control policies for the resources are provided to be compared with certain original policy, we are able to ensure that the noncompliance problem between these newly specified policies and the original policies on the resources will be found. In this paper we propose the READ (Resolution and Abduction based) algorithm to be an approach of finding policy noncompliance. Our approach is based on the resolution and abduction work for Data log rules, and the evaluation of compliance is performed through set implication by Satisfiability Modulo Theories (SMT) Z3 prover. We will illustrate the implementation of READ algorithm with two examples from existing work and one example based on role based access control model.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
