Managing access control policies using access control spaces

Trent Jaeger, Antony Edwards, Xiaolan Zhang

Research output: Contribution to conferencePaperpeer-review

23 Scopus citations


We present the concept of an access control space and investigate how it may be useful in managing access control policies. An access control space represents the permission assignment state of a subject. We identify subspaces that have meaningful semantics. For example, the set permissions explicitly assigned to a subject defines its specified subspace, and constraints define the prohibited subspace. In analyzing these subspaces, we identify two problems: (1) often a significant portion of the access control space has unknown assignment semantics, meaning that it is not defined whether an assignment in this space should be permitted or not, and (2) often high-level assignments and constraints that are easily understood result in conflicts where permissions are both specified and prohibited. To solve these problems, we have developed a tool, called Gokyo, that enables definition and analysis of access control spaces. Gokyo computes the unknown subspace to show system administrators the ambiguous region and enable them to reduce it. Gokyo identifies conflicting subspaces and enables system administrators to handle subspaces as exceptions, if desired. We demonstrate the utility of Gokyo by analyzing a web server policy example.

Original languageEnglish (US)
Number of pages10
StatePublished - 2002
EventProceedings of Seventh ACM Symposium on Access Control Models and Technologies: SACMAT 2002 - Monterey, CA, United States
Duration: Jun 3 2002Jun 4 2002


OtherProceedings of Seventh ACM Symposium on Access Control Models and Technologies: SACMAT 2002
Country/TerritoryUnited States
CityMonterey, CA

All Science Journal Classification (ASJC) codes

  • General Computer Science


Dive into the research topics of 'Managing access control policies using access control spaces'. Together they form a unique fingerprint.

Cite this