M. Strembeck (Austria)
Role-based Access Control, Separation of Duty
Separation of duty constraints define mutual exclusion relations between two entities (e.g. two permissions). Thus, a software component that supports the definition of separation of duty constraints implicitly requires a means to control their definition and to ensure the con sistency of the resulting runtime structures. In this pa per, we present our experiences with the implementation of conflict-checking methods for separation of duty con straints in the XORBAC access control service.
Important Links:
Go Back
