• 中国精品科技期刊
  • CCF推荐A类中文期刊
  • 计算领域高质量科技期刊T1类
Advanced Search
Liu Meng, Wang Xuan, Huang Hejiao, Zhao Hainan, Zhang Jiajia. A Detection Model Based on Petri Nets of SMER Constraints Violation in Dynamic Role Translation[J]. Journal of Computer Research and Development, 2012, 49(9): 1991-1998.
Citation: Liu Meng, Wang Xuan, Huang Hejiao, Zhao Hainan, Zhang Jiajia. A Detection Model Based on Petri Nets of SMER Constraints Violation in Dynamic Role Translation[J]. Journal of Computer Research and Development, 2012, 49(9): 1991-1998.

A Detection Model Based on Petri Nets of SMER Constraints Violation in Dynamic Role Translation

More Information
  • Published Date: September 14, 2012
  • Kapadia et al. proposed the IRBAC (interoperable role-based access control) 2000 model, which can be used to accomplish security interoperation between two or more administrative domains via role association and dynamic role translation. Separation of duties (SoD) is one of three basic security principles supported by the RBAC (role-based access control) model. However, SSoD (static separation of duties) is not considered in the IRBAC 2000 model, so the problem of inter-domain static mutual exclusive roles constraints violation can arise while performing security interoperation between domains. This problem has been discussed in some literatures, but these researches are all from the perspective of mathematical logic and logical reasoning, which is abstract, complicated and not intuitive. On the basis of these researches, this paper introduces a novel method of analyzing the problem based on Petri net, which is very easy and visualized to be used to analyze the SMER (static mutual exclusive roles) constraints violation problem. A construction algorithm of Petri net is used to convert an IRBAC2000 model into a corresponding Petri net model, and the necessary and sufficient condition for SMER constraints violation of the IRBAC 2000 model in the Petri net model are proposed and proved. A detection model based on Petri net of violation of SMER constraints is also presented, and at last a case is used to illustrate the efficiency of the proposed model. To avoid SMER constraints violation while adding new role association or userrole assignment, the prerequisites to guarantee the security are also discussed, analyzed and detailed in this paper.
  • Related Articles

    [1]Shi Leyi, Zhu Hongqiang, Liu Yihao, Liu Jia. Intrusion Detection of Industrial Control System Based on Correlation Information Entropy and CNN-BiLSTM[J]. Journal of Computer Research and Development, 2019, 56(11): 2330-2338. DOI: 10.7544/issn1000-1239.2019.20190376
    [2]Yao Sheng, Xu Feng, Zhao Peng, Ji Xia. Intuitionistic Fuzzy Entropy Feature Selection Algorithm Based on Adaptive Neighborhood Space Rough Set Model[J]. Journal of Computer Research and Development, 2018, 55(4): 802-814. DOI: 10.7544/issn1000-1239.2018.20160919
    [3]Dong Hongbin, Teng Xuyang, Yang Xue. Feature Selection Based on the Measurement of Correlation Information Entropy[J]. Journal of Computer Research and Development, 2016, 53(8): 1684-1695. DOI: 10.7544/issn1000-1239.2016.20160172
    [4]Tang Chenghua, Liu Pengcheng, Tang Shensheng, Xie Yi. Anomaly Intrusion Behavior Detection Based on Fuzzy Clustering and Features Selection[J]. Journal of Computer Research and Development, 2015, 52(3): 718-728. DOI: 10.7544/issn1000-1239.2015.20130601
    [5]Zhang Fengbin and Wang Tianbo. Real Value Negative Selection Algorithm with the n-Dimensional Chaotic Map[J]. Journal of Computer Research and Development, 2013, 50(7): 1387-1398.
    [6]Zhang Zhenhai, Li Shining, Li Zhigang, and Chen Hao. Multi-Label Feature Selection Algorithm Based on Information Entropy[J]. Journal of Computer Research and Development, 2013, 50(6): 1177-1184.
    [7]Zheng Liming, Zou Peng, Han Weihong, Li Aiping, Jia Yan. Traffic Anomaly Detection Using Multi-Dimensional Entropy Classification in Backbone Network[J]. Journal of Computer Research and Development, 2012, 49(9): 1972-1981.
    [8]Zhang Xiang, Deng Zhaohong, Wang Shitong, Choi Kupsze. Maximum Entropy Relief Feature Weighting[J]. Journal of Computer Research and Development, 2011, 48(6): 1038-1048.
    [9]Chen Shitao, Chen Guolong, Guo Wenzhong, and Liu Yanhua. Feature Selection of the Intrusion Detection Data Based on Particle Swarm Optimization and Neighborhood Reduction[J]. Journal of Computer Research and Development, 2010, 47(7): 1261-1267.
    [10]Hou Jian, Peng Jiayin, Zhang Yuzhuo, Zhang Chengyi. A Reverse Triple I Algorithm for Fuzzy Reasoning Based on Maximum Fuzzy Entropy Principle[J]. Journal of Computer Research and Development, 2006, 43(7): 1180-1185.

Catalog

    Article views (853) PDF downloads (657) Cited by()

    /

    DownLoad:  Full-Size Img  PowerPoint
    Return
    Return