Entry Li:2009:RPA from tissec.bib

Last update: Sun Oct 15 02:58:48 MDT 2017

BibTeX entry

@Article{Li:2009:RPA,
  author =       "Ninghui Li and Qihua Wang and Mahesh Tripunitara",
  title =        "Resiliency Policies in Access Control",
  journal =      j-TISSEC,
  volume =       "12",
  number =       "4",
  pages =        "20:1--20:??",
  month =        apr,
  year =         "2009",
  CODEN =        "ATISBQ",
  DOI =          "https://doi.org/10.1145/1513601.1513602",
  ISSN =         "1094-9224 (print), 1557-7406 (electronic)",
  ISSN-L =       "1094-9224",
  bibdate =      "Thu May 14 13:53:50 MDT 2009",
  bibsource =    "http://portal.acm.org/;
                 http://www.math.utah.edu/pub/tex/bib/tissec.bib",
  abstract =     "We introduce the notion of resiliency policies in the
                 context of access control systems. Such policies
                 require an access control system to be resilient to the
                 absence of users. An example resiliency policy requires
                 that upon removal of any $s$ users, there should still
                 exist $d$ disjoint sets of users such that the users in
                 each set together possess certain permissions of
                 interest. Such a policy ensures that even when
                 emergency situations cause some users to be absent,
                 there still exist independent teams of users that have
                 the permissions necessary for carrying out critical
                 tasks. The Resiliency Checking Problem determines
                 whether an access control state satisfies a given
                 resiliency policy. We show that the general case of the
                 problem and several subcases are intractable (NP hard),
                 and identify two subcases that are solvable in linear
                 time. For the intractable cases, we also identify the
                 complexity class in the polynomial hierarchy to which
                 these problems belong. We discuss the design and
                 evaluation of an algorithm that can efficiently solve
                 instances of nontrivial sizes that belong to the
                 intractable cases of the problem. Furthermore, we study
                 the consistency problem between resiliency policies and
                 static separation of duty policies. Finally, we combine
                 the notions of resiliency and separation of duty to
                 introduce the resilient separation of duty policy,
                 which is useful in situations where both
                 fault-tolerance and fraud-prevention are desired.",
  acknowledgement = ack-nhfb,
  articleno =    "20",
  fjournal =     "ACM Transactions on Information and System Security",
  journal-URL =  "http://portal.acm.org/browse_dl.cfm?idx=J789",
  keywords =     "access control; fault-tolerant; policy design",
}
