Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
ICWS
2008
IEEE
2008
IEEE
A Theory of Role Composition
We study the access control integration problem for web services. Organizations frequently use many services, each with its own access control policies, that must interoperate while maintaining secure access to information. The integration problem is to take the set of such services and to find a globally consistent access control policy that ensures no authorization failures or information disclosures for the system composed from the services. Currently, this is performed manually, and incurs high administrative overhead and high risks for errors. We give a sound and complete algorithm for access control integration by reducing the problem to Boolean constraint solving. We have implemented RoleMatcher, a tool to infer global role-based access control schemas for a set of services, and show on examples that it can quickly infer global roles for composed systems, or determine the absence of a globally consistent role schema.
Real-time TrafficAccess Control | Access Control Integration | ICWS 2008 | Integration Problem | Internet Technology |
Related Content
| Added | 29 Oct 2010 |
| Updated | 29 Oct 2010 |
| Type | Conference |
| Year | 2008 |
| Where | ICWS |
| Authors | Jeffrey Fischer, Rupak Majumdar |
Comments (0)
Researcher Info
|
