Semantic web technologies to aid dominance detection for access control policies

Jason Barron, Steven Davy

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

1 Citation (Scopus)

Abstract

We present a dominance detection algorithm as part of a policy authoring process that makes extensive use of semantic models to perform a novel dominance detection of access control policies, where groups of deployed policies are considered in unison to discover redundancy. The approach is targeted towards the pre-deployment stage of the policy authoring process and aims to help prevent the introduction of redundant policies into the system. To achieve this, semantic queries are executed over instances of new and deployed policy elements in order to select matching elements for further analysis. The semantic queries may return a large number of deployed policy elements so we present an algorithm that prunes the search space to reduce the problem size. We show that for large sets of deployed policies, we can discover relatively large sets that are considered dominant.

Original languageEnglish
Title of host publicationProceedings of the 2013 IFIP/IEEE International Symposium on Integrated Network Management, IM 2013
Pages780-783
Number of pages4
Publication statusPublished - 2013
Event2013 IFIP/IEEE International Symposium on Integrated Network Management, IM 2013 - Ghent, Belgium
Duration: 27 May 201331 May 2013

Publication series

NameProceedings of the 2013 IFIP/IEEE International Symposium on Integrated Network Management, IM 2013

Conference

Conference2013 IFIP/IEEE International Symposium on Integrated Network Management, IM 2013
Country/TerritoryBelgium
CityGhent
Period27/05/201331/05/2013

Fingerprint

Dive into the research topics of 'Semantic web technologies to aid dominance detection for access control policies'. Together they form a unique fingerprint.

Cite this