Skip to Main Content
Access control policy is a set of rules, which control and constraint the communication and access between all kinds of entities. Policy conflict is one of the outstanding issues related to policy management. Nevertheless current access control policy conflict detection algorithms are completely dependent on policy specification and the applications, which make these algorithms non-reusable and non-extensible. To resolve this problem, we separate the algorithm from concrete policy specification and apply a group of matrixes to define the relationship between all access control rules and all kinds of access control policy conflicts. Finally we develop an extensible intra-access control policy conflict detection algorithm that is independent of application domain to which the policies relate. The experimental result shows that the algorithm offers similar detection efficiency comparable to conventional detection algorithm.