Cover Image

Heterogeneity policy evaluation with modality conflict analysis

Policy evaluation is a process to determine whether a request satisfies the access control policies. There are two main phases in the policy evaluation, namely: (i) matching the attribute values of a request and a policy, and (ii) detecting modality conflict. Existing policy evaluation engines ut...

Full description

Saved in:
Bibliographic Details
Main Author: Teo, Poh Kuang
Format: Thesis
Language:English
Published: 2017
Subjects:
Heterogeneous computing
Analog computers
Online Access:http://psasir.upm.edu.my/id/eprint/83245/1/FSKTM%202017%2069%20-%20ir.pdf
http://psasir.upm.edu.my/id/eprint/83245/
Tags: Add Tag
No Tags, Be the first to tag this record!
id my.upm.eprints.83245
record_format eprints
spelling my.upm.eprints.832452022-01-07T07:34:15Z http://psasir.upm.edu.my/id/eprint/83245/ Heterogeneity policy evaluation with modality conflict analysis Teo, Poh Kuang Policy evaluation is a process to determine whether a request satisfies the access control policies. There are two main phases in the policy evaluation, namely: (i) matching the attribute values of a request and a policy, and (ii) detecting modality conflict. Existing policy evaluation engines utilized a simple string equal matching function, but they do not explore naming heterogeneity. The authorizations could be propagated according to the inheritance relationships between concepts along not only subject, resource, action, but also location hierarchies. This thesis aimed to propose matching functions which are not limited to string equal matching function that aim to resolve naming heterogeneity, namely: synonym equal, hyponym, syntactical-synonym equal, syntactical-hyponym, syntactical equal, hyponym common word, and abbreviation equal. An authorization propagation rule is proposed to identify the applicable policies, which relies on inheritance relationships between concepts, on the basis of the partially ordered structures obtained by classifying subject, resource, action, and condition attributes. Our solution assists the policy administrators in filtering out the irrelevant policies which helps them to resolve the modality conflict among the applicable policies before the actual policy evaluation taken place. We have evaluated the effectiveness of our proposed solution on real XACML policies for university, conference management, and health-care domain. Our solution resulted lower percentage of R but higher percentage of P and F for all sets of policies when more attributes are considered in retrieving the applicable policies and in detecting the modality conflict compared when these constraints are not considered. Our solution achieved the higher percentage of P, R and F in matching the attribute values of a request and a policy, in retrieving the applicable policies, and in detecting modality conflict as compared to the previous work. The accuracy of the proposed solution indicates that our proposed solution is better than the Sun's XACML implementation in policy evaluation. 2017-03 Thesis NonPeerReviewed text en http://psasir.upm.edu.my/id/eprint/83245/1/FSKTM%202017%2069%20-%20ir.pdf Teo, Poh Kuang (2017) Heterogeneity policy evaluation with modality conflict analysis. Doctoral thesis, Universiti Putra Malaysia. Heterogeneous computing Analog computers
institution Universiti Putra Malaysia
building UPM Library
collection Institutional Repository
continent Asia
country Malaysia
content_provider Universiti Putra Malaysia
content_source UPM Institutional Repository
url_provider http://psasir.upm.edu.my/
language English
topic Heterogeneous computing
Analog computers
spellingShingle Heterogeneous computing
Analog computers
Teo, Poh Kuang
Heterogeneity policy evaluation with modality conflict analysis
description Policy evaluation is a process to determine whether a request satisfies the access control policies. There are two main phases in the policy evaluation, namely: (i) matching the attribute values of a request and a policy, and (ii) detecting modality conflict. Existing policy evaluation engines utilized a simple string equal matching function, but they do not explore naming heterogeneity. The authorizations could be propagated according to the inheritance relationships between concepts along not only subject, resource, action, but also location hierarchies. This thesis aimed to propose matching functions which are not limited to string equal matching function that aim to resolve naming heterogeneity, namely: synonym equal, hyponym, syntactical-synonym equal, syntactical-hyponym, syntactical equal, hyponym common word, and abbreviation equal. An authorization propagation rule is proposed to identify the applicable policies, which relies on inheritance relationships between concepts, on the basis of the partially ordered structures obtained by classifying subject, resource, action, and condition attributes. Our solution assists the policy administrators in filtering out the irrelevant policies which helps them to resolve the modality conflict among the applicable policies before the actual policy evaluation taken place. We have evaluated the effectiveness of our proposed solution on real XACML policies for university, conference management, and health-care domain. Our solution resulted lower percentage of R but higher percentage of P and F for all sets of policies when more attributes are considered in retrieving the applicable policies and in detecting the modality conflict compared when these constraints are not considered. Our solution achieved the higher percentage of P, R and F in matching the attribute values of a request and a policy, in retrieving the applicable policies, and in detecting modality conflict as compared to the previous work. The accuracy of the proposed solution indicates that our proposed solution is better than the Sun's XACML implementation in policy evaluation.
format Thesis
author Teo, Poh Kuang
author_facet Teo, Poh Kuang
author_sort Teo, Poh Kuang
title Heterogeneity policy evaluation with modality conflict analysis
title_short Heterogeneity policy evaluation with modality conflict analysis
title_full Heterogeneity policy evaluation with modality conflict analysis
title_fullStr Heterogeneity policy evaluation with modality conflict analysis
title_full_unstemmed Heterogeneity policy evaluation with modality conflict analysis
title_sort heterogeneity policy evaluation with modality conflict analysis
publishDate 2017
url http://psasir.upm.edu.my/id/eprint/83245/1/FSKTM%202017%2069%20-%20ir.pdf
http://psasir.upm.edu.my/id/eprint/83245/
_version_ 1724075379056967680
score 13.159267

Similar Items