Separation-of-Duty (SoD) is a fundamental security principle for prevention of fraud and errors in computer security. It has been studied extensively in traditional access control models. However, the research of SoD policy in the recently proposed usage control (UCON) model has not been well studied. This paper formulates and studies the fundamental problem of static enforcement of static SoD (SSoD) policies in the context of UCONA, a sub-model of UCON only considering authorizations. Firstly, we define a set-based specification of SSoD policies, and the safety checking problem for SSoD in UCONA. Secondly, we study the problem of determining whether an SSoD policy is enforceable. Thirdly, we show that it is intractable (coNP-complete) to direct statically enforce SSoD policies in UCONA, while checking whether a UCONA state satisfies a set of static mutually exclusive attribute (SMEA) constraints is efficient, which provides a justification for using SMEA constraints to enforce SSoD policies. Finally, we introduce a indirect static enforcement for SSoD policies in UCONA. We show how to generate the least restrictive SMEA constraints for enforcing SSoD policies in UCONA, by using the attribute-level SSoD requirement as an intermediate step. The results are fundamental to understanding SSoD policies in UCON.
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Copy
Jianfeng LU, Ruixuan LI, Jinwei HU, Dewu XU, "Static Enforcement of Static Separation-of-Duty Policies in Usage Control Authorization Models" in IEICE TRANSACTIONS on Communications,
vol. E95-B, no. 5, pp. 1508-1518, May 2012, doi: 10.1587/transcom.E95.B.1508.
Abstract: Separation-of-Duty (SoD) is a fundamental security principle for prevention of fraud and errors in computer security. It has been studied extensively in traditional access control models. However, the research of SoD policy in the recently proposed usage control (UCON) model has not been well studied. This paper formulates and studies the fundamental problem of static enforcement of static SoD (SSoD) policies in the context of UCONA, a sub-model of UCON only considering authorizations. Firstly, we define a set-based specification of SSoD policies, and the safety checking problem for SSoD in UCONA. Secondly, we study the problem of determining whether an SSoD policy is enforceable. Thirdly, we show that it is intractable (coNP-complete) to direct statically enforce SSoD policies in UCONA, while checking whether a UCONA state satisfies a set of static mutually exclusive attribute (SMEA) constraints is efficient, which provides a justification for using SMEA constraints to enforce SSoD policies. Finally, we introduce a indirect static enforcement for SSoD policies in UCONA. We show how to generate the least restrictive SMEA constraints for enforcing SSoD policies in UCONA, by using the attribute-level SSoD requirement as an intermediate step. The results are fundamental to understanding SSoD policies in UCON.
URL: https://global.ieice.org/en_transactions/communications/10.1587/transcom.E95.B.1508/_p
Copy
@ARTICLE{e95-b_5_1508,
author={Jianfeng LU, Ruixuan LI, Jinwei HU, Dewu XU, },
journal={IEICE TRANSACTIONS on Communications},
title={Static Enforcement of Static Separation-of-Duty Policies in Usage Control Authorization Models},
year={2012},
volume={E95-B},
number={5},
pages={1508-1518},
abstract={Separation-of-Duty (SoD) is a fundamental security principle for prevention of fraud and errors in computer security. It has been studied extensively in traditional access control models. However, the research of SoD policy in the recently proposed usage control (UCON) model has not been well studied. This paper formulates and studies the fundamental problem of static enforcement of static SoD (SSoD) policies in the context of UCONA, a sub-model of UCON only considering authorizations. Firstly, we define a set-based specification of SSoD policies, and the safety checking problem for SSoD in UCONA. Secondly, we study the problem of determining whether an SSoD policy is enforceable. Thirdly, we show that it is intractable (coNP-complete) to direct statically enforce SSoD policies in UCONA, while checking whether a UCONA state satisfies a set of static mutually exclusive attribute (SMEA) constraints is efficient, which provides a justification for using SMEA constraints to enforce SSoD policies. Finally, we introduce a indirect static enforcement for SSoD policies in UCONA. We show how to generate the least restrictive SMEA constraints for enforcing SSoD policies in UCONA, by using the attribute-level SSoD requirement as an intermediate step. The results are fundamental to understanding SSoD policies in UCON.},
keywords={},
doi={10.1587/transcom.E95.B.1508},
ISSN={1745-1345},
month={May},}
Copy
TY - JOUR
TI - Static Enforcement of Static Separation-of-Duty Policies in Usage Control Authorization Models
T2 - IEICE TRANSACTIONS on Communications
SP - 1508
EP - 1518
AU - Jianfeng LU
AU - Ruixuan LI
AU - Jinwei HU
AU - Dewu XU
PY - 2012
DO - 10.1587/transcom.E95.B.1508
JO - IEICE TRANSACTIONS on Communications
SN - 1745-1345
VL - E95-B
IS - 5
JA - IEICE TRANSACTIONS on Communications
Y1 - May 2012
AB - Separation-of-Duty (SoD) is a fundamental security principle for prevention of fraud and errors in computer security. It has been studied extensively in traditional access control models. However, the research of SoD policy in the recently proposed usage control (UCON) model has not been well studied. This paper formulates and studies the fundamental problem of static enforcement of static SoD (SSoD) policies in the context of UCONA, a sub-model of UCON only considering authorizations. Firstly, we define a set-based specification of SSoD policies, and the safety checking problem for SSoD in UCONA. Secondly, we study the problem of determining whether an SSoD policy is enforceable. Thirdly, we show that it is intractable (coNP-complete) to direct statically enforce SSoD policies in UCONA, while checking whether a UCONA state satisfies a set of static mutually exclusive attribute (SMEA) constraints is efficient, which provides a justification for using SMEA constraints to enforce SSoD policies. Finally, we introduce a indirect static enforcement for SSoD policies in UCONA. We show how to generate the least restrictive SMEA constraints for enforcing SSoD policies in UCONA, by using the attribute-level SSoD requirement as an intermediate step. The results are fundamental to understanding SSoD policies in UCON.
ER -