An architecture and algorithms for deriving an access control policy by composing access control requirements specified at multiple levels in a command hierarchy are described. Our method can detect conflicts in requirements and find a policy that maximally satisfies the requirements by satisfying higher-priority requirements at the expense of lower-priority ones. It also allows for easy verification of the final policy by an administrator. The architecture allows quick adaptation of policies to changing situations by providing for delegation of authority while ensuring that high-priority requirements will always be satisfied.