Security analysis and validation for access control in multi-domain environment based on risk

Abstract

Access control system is often described as a state transition system. Given a set of access control policies, a general safety requirement in such a system is to determine whether a desirable property is satisfied in all the reachable states. In this paper, we propose to use security analysis techniques to maintain desirable security properties in the Multi-domain Environment based on risk model (MDR2BAC). We give a precise definition of security analysis problems in MDR2BAC, which is more general than safety analysis that is studied in single-domain. We show the process of dynamic permission adjustment in multi-domain environment, and illustrate two classes of problems in the process which can be reduced to similar analysis in the RT[←,∩] role-based trust-management language, thereby establishing an interesting relationship between MDR2BAC and the RT framework. The reduction gives efficient algorithms for answering most kinds of queries in the two stages of dynamic adjustment permissions. © Springer-Verlag Berlin Heidelberg 2010.