TY - GEN
T1 - Abductive analysis of administrative policies in rule-based access control
AU - Gupta, Puneet
AU - Stoller, Scott D.
AU - Xu, Zhongyuan
PY - 2011
Y1 - 2011
N2 - In large organizations, the access control policy is managed by multiple users (administrators). An administrative policy specifies how each user may change the policy. The consequences of an administrative policy are often non-obvious, because sequences of changes by different users may interact in unexpected ways. Administrative policy analysis helps by answering questions such as user-permission reachability, which asks whether specified users can together change the policy in a way that achieves a specified goal, namely, granting a specified permission to a specified user.
AB - In large organizations, the access control policy is managed by multiple users (administrators). An administrative policy specifies how each user may change the policy. The consequences of an administrative policy are often non-obvious, because sequences of changes by different users may interact in unexpected ways. Administrative policy analysis helps by answering questions such as user-permission reachability, which asks whether specified users can together change the policy in a way that achieves a specified goal, namely, granting a specified permission to a specified user.
UR - https://www.scopus.com/pages/publications/81855219131
U2 - 10.1007/978-3-642-25560-1_8
DO - 10.1007/978-3-642-25560-1_8
M3 - Conference contribution
SN - 9783642255595
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 116
EP - 130
BT - Information Systems Security - 7th International Conference, ICISS 2011, Proceedings
T2 - 7th International Conference on Information Systems Security, ICISS 2011
Y2 - 15 December 2011 through 19 December 2011
ER -