
Analysis And Verification Of Secure Authorization Under Multiple Constraints

Posted on: 2010-10-25
Degree: Master
Type: Thesis
Country: China
Candidate: Y Yang
Full Text: PDF
GTID: 2178360278973874
Subject: Computer application technology
Abstract/Summary:
Access control is an important mechanism for protecting information resources: it protects sensitive information by restricting the actions of users. Enforcing an appropriate access control mechanism is therefore necessary for constructing a secure information system. Access control is usually implemented according to a security policy, that is, security constraints enforced on elements such as subjects and objects, which reflect the organization's security and business requirements. For example, separation of duties requires that sensitive tasks be accomplished jointly by a certain number of users in order to prevent fraud. However, the security constraints defined in large organizations may conflict with one another, or may cause the system's authorization to reflect the security and business requirements ineffectively, thus affecting the achievement of organizational goals. Therefore, analyzing and validating the security of authorization and the effectiveness of security constraints has not only great theoretical significance but also, more importantly, practical significance for ensuring the system's security and the achievement of organizational goals.
Analysis of the security of authorization mainly focuses on analyzing whether the current authorization satisfies the security requirements, finding inconsistencies between the authorization and the security requirements, and proposing corresponding solutions.
Inconsistent authorization is grouped into over-authorization and under-authorization according to the inconsistency between the authorization and the security requirements. Over-authorization goes beyond the basic security requirements; it limits desired access privileges and thus impacts the availability of the system to some extent. Under-authorization falls below the basic security requirements; it may permit illegal access privileges and thus impacts the security of the system to some extent.
Verification of the security of authorization identifies whether the authorization is appropriate by verifying the consistency between the authorization and the security requirements.
Current research on the analysis and verification of the security of authorization usually discusses the expression of security constraints in specific applications, such as separation of duty, environment constraints and context constraints. The effectiveness of security constraints is verified by checking their satisfiability and the degree to which the security constraints match the security requirements. Adopting security constraints properly according to the verification result can make them better satisfy the security requirements. These studies only discuss cases in which constraints are strictly satisfied in the selection of authorization enforcement users. They can meet general security requirements, but lack further fine-grained quantitative analysis for selecting better authorized users when multiple users satisfy the security constraints.
In view of the above questions, this paper studies the selection of authorization enforcement users, analyzes the different access control requirements of organizations in detail and proposes corresponding solutions. The main contributions are as follows:
First, we analyze the security requirements of the organization in selecting authorized users, and then propose a secure authorization model under multiple constraints. The relationships among separation of duty constraints, user qualification constraints and enforcement risk constraints are discussed, and methods are proposed to select the authorized enforcement users in a qualitative manner, a quantitative manner, or a combination of the two, which resolves the shortcomings of the current selection of authorized users.
We analyze the user qualification requirements of the organization, specify the user qualification constraint and propose a method of selecting enforcement users qualitatively based on that constraint. In addition, authorization risk is analyzed, and the risk of user-role authorization is defined based on fuzzy theory. We also define the enforcement risk constraint according to the requirements of organizations. A risk evaluation model is given, and a method of selecting enforcement users quantitatively based on the enforcement risk constraint is proposed. Relevant experiments are carried out; the results show that the corresponding algorithms are effective and the user selection methods are feasible.
Second, we analyze the requirements for detecting security constraints and study feasible methods for verifying the effectiveness of security constraints. We analyze the composition of elements and the characteristics of over-constraint and under-constraint in access control models, and discuss a common Alloy-based verification method. We study how to express the separation of duty constraint, the user qualification constraint and the enforcement risk constraint in Alloy, and discuss methods for verifying the satisfiability of these constraints and for analyzing the degree to which security constraints match the security requirements. In addition, relevant experiments are carried out, and the results show that the corresponding verification methods are feasible in practice.
Keywords/Search Tags: Access Control, Authorization, Security Constraints, Verification