标题：Modeling and analysis of SMER constraints violation in IRBAC 2000 model based on colored petri nets
作者：Liu, Meng ;Wang, Xuan
作者机构：[Liu, Meng ;Wang, Xuan ] Computer Application Research Center, Harbin Institute of Technology, Shenzhen Graduate School, Shenzhen 518055, China;[Liu, 更多
来源：International Journal of Security and its Applications
关键词：Colored Petri nets; Dynamic role translation; Interoperation; Prerequisites; Static mutual exclusive roles; Static separation of duties
摘要：Interoperable Role-Based Access Control (IRBAC) 2000 model can be used to accomplish security interoperation between two or more administrative domains via role association and dynamic role translation. However, Static Separation of Duties (SSoD) is not considered in the IRBAC 2000 model, so the problem of inter-domain static mutual exclusive roles constraints violation can arise. This paper proposes a novel method based on colored Petri nets to model and analyze IRBAC 2000 model so as to detect static mutual exclusive roles (SMER) constraints violation. The necessary and sufficient conditions for SMER constraints violation in the IRBAC 2000 model are demonstrated. A graphical detection model based on Colored Petri net of SMER constraints violation is presented and then a more complicated case study is used to illustrate the efficiency of the proposed model. Moreover, some prerequisites for avoiding SMER constraints violation and guaranteeing the model security while adding new role association or user-role assignment are also discussed, analyzed and detailed based on colored petri net model in this paper. © 2014 SERSC.