Optimization Method On Safety And Utility For Access Control Policies

Posted on: 2011-12-23 | Degree: Doctor | Type: Dissertation
Country: China | Candidate: J F Lu | Full Text: PDF
GTID: 1118360305992262 | Subject: Computer application technology
Abstract/Summary:
The rapid development of network and information technology makes it possible to share resources and services via web applications. However, the characteristics of the network (openness, anonymity and data transparency) bring many new challenges to protecting the confidentiality and integrity of information, and they hinder the further popularization and application of network technology. Access control is one of the most important core technologies for ensuring network security: it authorizes subjects to access certain objects and refuses service to unauthorized subjects. Optimizing the safety and utility of access control policies is the key problem in protecting the confidentiality and integrity of information in a network environment.

This dissertation gives a set-based specification of static separation-of-duty (SSoD) policies in the context of UCONA systems, and studies the problem of determining whether an SSoD policy is enforceable in the context of a UCONA state. We show that directly enforcing SSoD policies statically in UCONA is intractable (coNP-complete), while checking whether a UCONA state satisfies a set of static mutually exclusive attribute (SMEA) constraints is efficient, which provides a justification for using SMER constraints to indirectly enforce SSoD policies. We first translate SSoD policies to ASSoD requirements, and generate SMEA constraints that are as accurate as possible for enforcing SSoD policies, using the attribute-level SSoD requirement as an intermediate step. Thus we can indirectly and statically enforce SSoD policies in UCONA.

We introduce the notion of availability policies and formally define it. We show that the problem of directly validating availability policies is NP-complete. We also give an improved algorithm for this problem. This algorithm uses preprocessing and static pruning techniques to reduce the number of users that need to be considered.
The experimental results show that it can be solved in a relatively short time when the numbers of users and permissions are not too large. Moreover, in order to enhance the flexibility of availability policies, we introduce the notion of strict availability (SA) policies, and show that the problem of validating SA policies is in P, and that SA policies are more restrictive than availability policies.

To address the shortcomings of RBAC-based interoperation policies with respect to dynamic properties, we propose an attribute mapping technique to establish a secure context in multidomain environments, and analyze the properties of attribute mappings. We construct a framework to facilitate the establishment of secure interoperability in multidomain environments that employ usage control (UCON) policies. We study how interoperation conflicts arise and show that interoperability violations of cyclic inheritance, separation of duty and cardinality constraints can be resolved efficiently.

Policy inconsistency conflicts may arise between SSoD and availability policies due to their opposite focuses. In this dissertation, we address the problem of consistency checking for access control policies. We present criteria for determining consistency in a number of special cases, and show that the general case and some subcases of the problem are intractable (NP-hard) and in NP^NP, a class in the polynomial hierarchy. We design an algorithm to efficiently solve nontrivial-size instances of the intractable cases of the problem. The algorithm uses static pruning and preprocessing techniques to reduce complexity. We then reduce the problem to satisfiability (SAT) to improve computing efficiency. The evaluation and illustration show that the algorithm scales reasonably well when the number of SSoD and availability policies is not very large.

We provide a formal examination of policy inconsistency resolution when SSoD policies and strict availability (SA) policies coexist.
First, we reduce the complexity of reasoning about policy inconsistencies in two steps: (1) reducing the number of policies that need to be taken into account by a static pruning technique; (2) computing the minimal inconsistency cover set, so that we only need to examine the minimum number of policies responsible for the policy inconsistencies. Second, we present a systematic methodology for measuring safety loss and utility loss, and evaluate the priority of each choice based on the safety-utility tradeoff. Finally, we propose two priority-based resolutions to deal with policy inconsistencies: possibilistic logic and lexicographical inference approaches. The illustration and evaluation show the validity of the proposed approaches.
Keywords/Search Tags: Access Control Policies, Safety, Utility, Separation-of-Duty, Availability Policy, Interoperation, Policy inconsistency