A model to reduce complexity and maintain coherence between Access Control and Transmission Control policies - Archive ouverte HAL Accéder directement au contenu
Rapport (Rapport De Recherche) Année : 2016

A model to reduce complexity and maintain coherence between Access Control and Transmission Control policies

Un modelè pour réduire la complexité et maintenir la cohérence des politiques de contrôle d'accès et de transmission

Résumé

In order to protect resources from unauthorized access and data leakage in companies, security experts and administrators can use mechanisms such as Access Control (AC) and Transmission Control (TC). Both AC and TC are based on policies that are defined, modified and revoked by these experts. However, policy management can be a time-consuming and tiresome task, especially when both mechanisms are used on large sets of users and resources. Moreover, contradictions between AC and TC policies can appear, for instance when a legiti- mate user is allowed to send a resource to someone who cannot access it. Such contradictions can lead to data leakage. In this article, we first aim at studying experts feedback concerning policy definition and usage by reporting the results of a survey we have conducted among IT professionals. Based on the results of this survey, we then present a generic model that generates TC policies based on existing AC policies. This model serves several purposes. First, it takes into account the main AC models that are used in companies (i.e. genericity problem). Secondly, it tackles the problem of incoherences between AC and TC policies (i.e. coherence problem). Thirdly, it can reduce the total number of resources and subjects managed by the security policies (i.e. complexity problem). Finally, it takes into account the updates frequency of companies policies (i.e. rapidity problem).
Fichier principal
Vignette du fichier
rapport.pdf (6.44 Mo) Télécharger le fichier
Origine : Fichiers produits par l'(les) auteur(s)
Loading...

Dates et versions

hal-01317109 , version 1 (18-05-2016)

Identifiants

  • HAL Id : hal-01317109 , version 1

Citer

Yoann Bertrand, Mireille Blay-Fornarino, Karima Boudaoud, Michel Riveill. A model to reduce complexity and maintain coherence between Access Control and Transmission Control policies. [Research Report] I3S. 2016. ⟨hal-01317109⟩
132 Consultations
93 Téléchargements

Partager

Gmail Facebook X LinkedIn More