A Notation for Policies using Feature Structures Kunihiko Fujita (NTT Communication Science Laboratories, Japan), Yasuyuki Tsukada (NTT Communication Science Laboratories, Japan). |
---|
New security and privacy
enhancing technologies are demanded in the new information and
communication environments where a huge number of computers interact
with each other in a distributed and ad hoc manner to access various
resources. In this paper, we focus on access control because this is
the underlying core technology to enforce security and privacy. Access
control decides permit or deny according to access control policies.
Since notations of policies are specialized in each system, it is
difficult to ensure consistency of policies that are stated in
different notations. In this paper, we propose a readable notation for
policies by adopting the concept of feature structures, which has
mainly been used for parsing in natural language processing. Our
proposed notation is also logically well-founded, which guarantees
strict access control decisions, and expressive in that it returns not
only a binary value of permit or deny but also various result values
through the application of partial order relations of the security
risk level. We illustrate the effectiveness of our proposed method
using examples from P3P.
|