Dynamic Adaptation of Access Control Policies

We describe an architecture and algorithms for deriving an access control policy by composing access control requirements specified at multiple levels in a command hierarchy. Our method can detect conflicts in requirements, and find a policy that maximally satisfies the requirements, by satisfying higher priority requirements at the expense of lower priority ones. It also allows for easy verification of the final policy by an administrator. The architecture allows quick adaptation of policies to changing situations, by providing for delegation of authority while ensuring that high priority requirements will always be satisfied.