An Access-Control Policy Based on Sharing Resource Management for a Multi-domains Environment

Zhu, Hong; Duan, Sujuan; Hong, Fan; Lü, Kevin

doi:10.1007/11839569_42

An Access-Control Policy Based on Sharing Resource Management for a Multi-domains Environment

Hong Zhu²⁰,
Sujuan Duan²⁰,
Fan Hong²⁰ &
…
Kevin Lü²¹

Conference paper

784 Accesses

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 4158))

Abstract

This paper proposed an access control policy based on sharing resource management for a multi-domain environment, where multi-domains have coalesced to achieving a common goal and furthermore a root organization domain is trusted by the multi-domains. Role association is defined and used which set up the foundation for our approach. Each domain unifies the management of shared resources via role associations. A new sharing security domain is established, which is based on the extended hierarchy of roles in the root organization domain. The formation rules of the roles and the way of construction of the roles hierarchy in sharing security domain are also introduced. The role association conflicting issues and rules for role maintenance are also analyzed. Our approaches have enhanced the security measures of shared resources and resolved the problems of the domain crossing and covert promotion which exist in other approaches.

This is a preview of subscription content, log in via an institution.

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 84.99; Price excludes VAT (USA)

Softcover Book: USD 109.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Basit, S., James, B.D., Joshi, M., Elisa, B., Arif, G.: Secure Interoperation in a Multi-domain Environment Employing RBAC Policies. IEEE Transactions on knowledge and data engineering 17(11) (November 2005)
Google Scholar
Franco, A., Fabio, F., Enrico, N., Maurizio, T.: A Layered IT Infrastructure for Secure Interoperability in Personal Data Registry Digital Government Services. In: Proceedings of the 14th International Workshop on Research Issues on Data Engineering: Web Services for E-Commerce and E-Government Applications (RIDE 2004), pp. 95–102 (2004)
Google Scholar
Freudenthal, E., Pesin, T., Port, L., Keenan, E., et al.: dRBAC: Distributed Role-based Access Control for Dynamic Coalition Environments. In: Edward, K. (ed.) Proceedings of the 22nd IEEE International Conference on Distributed Computing Systems (ICDCS), Vienna, Austria, pp. 411–420. IEEE Computer Society, Los Alamitos (2002)
Google Scholar
Jalal, A., Apu, K., Roy, C., Dennis, M.: The A - IRBAC2000 Model: Administrative Interoperable Role-Base Access Control. ACM Transactions on Informatin and Systems Security 3(2), 173–182 (2001)
Google Scholar
Park, J.S., Keith, P.C., Teresa, M.N., Josh, A.D.: A composite rbac approach for large, complex organizations. In: ACM Symposium on Access Control Models and Technologies, pp. 163–172 (2004)
Google Scholar
Kapadia, A., Muhtadi, J.A., Campbell, R.H., et al.: IRBAC 2000: Secure Interoperability Using Dynamic Role Translation. In: Proceedings of The 1st International Conference on Internet Computing (IC 2000), Las Vegas, Nevada, June 2000, pp. 231–238 (2000)
Google Scholar
Mohamed, S., Elisa, B., Arif, G.: SERAT: SEcure role mApping technique for decentra-lized secure interoperability. In: Proceedings of the tenth ACM symposium on Access control models and technologies, June 2005, pp. 159–167 (2005)
Google Scholar
Ravi, S., Edward, C., Hal, F., et al.: Role-Based Access Control Models. IEEE Computer 29(2), 38–47 (1996)
Google Scholar
Ravi, S., Venkata, B., Qamar, M.: The ARBAC97 Model for Role-Based Administration of Roles. ACM Transactions on Information and System Security 2(1), 105–135 (1999)
Article Google Scholar
Vijayalakshmi, A., Janice, W.: Automatic Enforcement of Access Control Policies Among Dynamic Coalitions. In: Ghosh, R.K., Mohanty, H. (eds.) ICDCIT 2004. LNCS, vol. 3347, pp. 369–378. Springer, Heidelberg (2004)
Chapter Google Scholar

Download references

Author information

Authors and Affiliations

Huazhong University of Science and Technology, Wuhan, Hubei, 430074, P.R. China
Hong Zhu, Sujuan Duan & Fan Hong
BBS, Brunel University, Room76, Tin Building, Uxbridge, UB8 3PH, UK
Kevin Lü

Authors

Hong Zhu
View author publications
You can also search for this author in PubMed Google Scholar
Sujuan Duan
View author publications
You can also search for this author in PubMed Google Scholar
Fan Hong
View author publications
You can also search for this author in PubMed Google Scholar
Kevin Lü
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Department of Computer Science, St. Francis Xavier University, Antigonish, Canada
Laurence T. Yang
Services Computing Technology and System Lab Cluster and Grid Computing Lab School of Computer Science and Technology, Huazhong University of Science and Technology, 430074, Wuhan, China
Hai Jin
Hosei University, 184-8584, Tokyo, Japan
Jianhua Ma
Department of Computer Science, University of Augsburg, 86135, Augsburg, Germany
Theo Ungerer

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Zhu, H., Duan, S., Hong, F., Lü, K. (2006). An Access-Control Policy Based on Sharing Resource Management for a Multi-domains Environment. In: Yang, L.T., Jin, H., Ma, J., Ungerer, T. (eds) Autonomic and Trusted Computing. ATC 2006. Lecture Notes in Computer Science, vol 4158. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11839569_42

Download citation

DOI: https://doi.org/10.1007/11839569_42
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-38619-3
Online ISBN: 978-3-540-38622-3
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics