On Optimizing Compatible Security Policies in Wireless Networks

Open Access
Research Article
Part of the following topical collections:
  1. Wireless Network Security 2006


This paper deals with finding the maximum number of security policies without conflicts. By doing so we can remove security loophole that causes security violation. We present the problem of maximum compatible security policy and its relationship to the problem of maximum acyclic subgraph, which is proved to be NP-hard. Then we present a polynomial-time approximation algorithm and show that our result has approximation ratio Open image in new window for any integer Open image in new window with complexity Open image in new window .


Information System Wireless Network Approximation Algorithm System Application Approximation Ratio 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Dunlop N, Indulska J, Raymond K: Methods for conflict resolution in policy-based management systems. Proceedings of 7th IEEE International Enterprise Distributed Object Computing Conference (EDOC '03), September 2003, Brisbane, Queensland, Australia 98–109.Google Scholar
  2. 2.
    Abadi M: Logic in access control. Proceedings of 18th Annual IEEE Symposium on Logic in Computer Science, June 2003, Ottawa, Ontario, Canada 228–233.Google Scholar
  3. 3.
    Jajodia S, Samarati P, Subrahmanian VS: A logical language for expressing authorizations. Proceedings of IEEE Symposium on Security and Privacy, May 1997, Oakland, Calif, USA 31–42.Google Scholar
  4. 4.
    Newman A: Approximating the maximum acyclic subgraph, M.S. thesis. Department of Electrical Engineering and Computer Science, Massachusetts Institute of Technology, Cambridge, Mass, USA; 2000.Google Scholar
  5. 5.
    Schneider FB: Enforceable security policies. ACM Transactions on Information and System Security 2000,3(1):30–50. 10.1145/353323.353382CrossRefGoogle Scholar
  6. 6.
    Walker D: A type system for expressive security policies. Symposium on Principles of Programming Languages (POPL '00), January 2000, Boston, Mass, USA 254–267.Google Scholar
  7. 7.
    Hoagland JA, Pandey R, Levitt KN: Security policy specification using a graphical approach. In Tech. Rep. CSE-98–3. University of California, Davis Department of Computer Science, Davis, Calif, USA; July 1998.Google Scholar
  8. 8.
    Bell DE, LaPadula LJ: Secure computer systems: mathematical foundations and model. In Tech. Rep. M74–244. MITRE Corporation, Bedford, Mass, USA; 1973.Google Scholar
  9. 9.
    Sandhu RS, Coyne EJ, Feinstein HL, Youman CE: Role-based access control models. Computer 1996,29(2):38–47. 10.1109/2.485845CrossRefGoogle Scholar
  10. 10.
    Sandhu RS, Samarati P: Access control: principles and practice. IEEE Communications Magazine 1994,32(9):40–48. 10.1109/35.312842CrossRefGoogle Scholar
  11. 11.
    Blaze M, Feigenbaum J, Lacy J: Decentralized trust management. Proceedings of IEEE Symposium on Security and Privacy, May 1996, Oakland, Calif, USA 164–173.Google Scholar
  12. 12.
    Bartal Y, Mayer A, Nissim K, Wool A: Firmato: a novel firewall management toolkit. Proceedings of IEEE Symposium on Security and Privacy, May 1999, Oakland, Calif, USA 17–31.Google Scholar

Copyright information

© Scott C.-H. Huang et al. 2006

This article is published under license to BioMed Central Ltd. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Authors and Affiliations

  1. 1.Computer Science DepartmentCity University of Hong KongKowloonHong Kong
  2. 2.Telecommunications and Information Technology InstituteFlorida International UniversityMiamiUSA

Personalised recommendations