Abstract: The conflict checking and solving of separation of duty constraints were particularly discussed in RBAC we researched these constraints' typical examples in authorization relations of the permission-to-role assignment (PRA), the permission-to subject assignment (PSA), the role-to-subject assignment (RSA), and the definition of a role hierarchy (role-to-role assignment, RRA). The arithmetic analysis of conflict checking which links with the theory of directed acycline graph (DAG) was provided. It will be a basis for practicall application. Furthermore, the conflict solving was further discussed in the paper. Several schemes are summarized and achieved imitating experiment. Subsequently, we provided an optimized solving method for the further work.
|
Received: 25 August 2009
|
|
|
|