An Access-Control Policy Based on Sharing Resource Management for a Multi-domains Environment
This paper proposed an access control policy based on sharing resource management for a multi-domain environment, where multi-domains have coalesced to achieving a common goal and furthermore a root organization domain is trusted by the multi-domains. Role association is defined and used which set up the foundation for our approach. Each domain unifies the management of shared resources via role associations. A new sharing security domain is established, which is based on the extended hierarchy of roles in the root organization domain. The formation rules of the roles and the way of construction of the roles hierarchy in sharing security domain are also introduced. The role association conflicting issues and rules for role maintenance are also analyzed. Our approaches have enhanced the security measures of shared resources and resolved the problems of the domain crossing and covert promotion which exist in other approaches.
KeywordsShared Resource Access Control Model Secure Domain Minimal Role Role Hierarchy
Unable to display preview. Download preview PDF.
- 1.Basit, S., James, B.D., Joshi, M., Elisa, B., Arif, G.: Secure Interoperation in a Multi-domain Environment Employing RBAC Policies. IEEE Transactions on knowledge and data engineering 17(11) (November 2005)Google Scholar
- 2.Franco, A., Fabio, F., Enrico, N., Maurizio, T.: A Layered IT Infrastructure for Secure Interoperability in Personal Data Registry Digital Government Services. In: Proceedings of the 14th International Workshop on Research Issues on Data Engineering: Web Services for E-Commerce and E-Government Applications (RIDE 2004), pp. 95–102 (2004)Google Scholar
- 3.Freudenthal, E., Pesin, T., Port, L., Keenan, E., et al.: dRBAC: Distributed Role-based Access Control for Dynamic Coalition Environments. In: Edward, K. (ed.) Proceedings of the 22nd IEEE International Conference on Distributed Computing Systems (ICDCS), Vienna, Austria, pp. 411–420. IEEE Computer Society, Los Alamitos (2002)Google Scholar
- 4.Jalal, A., Apu, K., Roy, C., Dennis, M.: The A - IRBAC2000 Model: Administrative Interoperable Role-Base Access Control. ACM Transactions on Informatin and Systems Security 3(2), 173–182 (2001)Google Scholar
- 5.Park, J.S., Keith, P.C., Teresa, M.N., Josh, A.D.: A composite rbac approach for large, complex organizations. In: ACM Symposium on Access Control Models and Technologies, pp. 163–172 (2004)Google Scholar
- 6.Kapadia, A., Muhtadi, J.A., Campbell, R.H., et al.: IRBAC 2000: Secure Interoperability Using Dynamic Role Translation. In: Proceedings of The 1st International Conference on Internet Computing (IC 2000), Las Vegas, Nevada, June 2000, pp. 231–238 (2000)Google Scholar
- 7.Mohamed, S., Elisa, B., Arif, G.: SERAT: SEcure role mApping technique for decentra-lized secure interoperability. In: Proceedings of the tenth ACM symposium on Access control models and technologies, June 2005, pp. 159–167 (2005)Google Scholar
- 8.Ravi, S., Edward, C., Hal, F., et al.: Role-Based Access Control Models. IEEE Computer 29(2), 38–47 (1996)Google Scholar