The security requirements of distributed systems are changing. In this paper an approach to represent the access control policies and evaluate the access requests is proposed. Extended logic programs without functions are introduced to represent the diverse access control policies, and the propagation depth and direction of privileges along the entity hierarchy can be constrained. After privilege conflicts are resolved according to the rules based on priority between different grantors and entities, semantics as answer sets of extended logic programs is attained. Based on certainty and possibility reasoning, an algorithm to determine whether an access request is authorized is proposed. The three, issues of distributed authorization, private privileges and conflict resolution are resolved.
CITATION STYLE
Liu, Q. B., Shi, J., & You, J. Y. (2001). Access control in distributed systems. Jisuanji Yanjiu Yu Fazhan/Computer Research and Development, 38(6), 735–740. https://doi.org/10.1007/0-387-21821-1_4
Mendeley helps you to discover research relevant for your work.