Inconsistency in access control policies exists when at least two rules present in the policy set lead to the contradictory decisions. It makes difficult for the system to decide which rule is applicable to the current scenario and hence make the system vulnerable to the unauthorized use. Various inconsistency detection methods have been proposed by researchers. However, those suffered from various limitations e.g., inefficient handling of numeric attributes, Boolean expressions etc. In this article, we propose a new algorithm that detects the inconsistencies in the policies using decision trees. For a proof of concept, we have developed a software tool that proves its effectiveness. Also, complexity analysis and qualitative comparison of the proposed algorithm is presented in the paper.
|Number of pages||10|
|Journal||Journal of Internet Technology|
|Publication status||Published - 2018|
- Access control
- Policy validation