Graph-based specification of access control policies

Graph-based specification formalisms for access control (AC) policies combine the advantages of an intuitive visual framework with a rigorous semantical foundation that allows the detailed comparison of different policy models. A security policy framework specifies a set of (constructive) rules to build the system states and sets of positive and negative (declarative) constraints to specify wanted and unwanted substates. Several models for AC (e.g. role-based, lattice-based or an access control list) can be specified in this framework. The framework is used for an accurate analysis of the interaction between policies and of the behavior of their integration with respect to the problem of inconsistent policies. Using formal properties of graph transformations, it is possible to systematically detect inconsistencies between constraints, between rules and between a rule and a constraint and lay the foundation for their resolutions.