Abstract
In a distributed environment, authorizations are usually physically stored in several computers connected by a network. Each computer may have its own local policies which could conflict with the others. Therefore how to make a global decision from the local authorization policies is a crucial and practical problem for a distributed system. In this paper, three general integration models based on the degrees of node autonomy are proposed, and different strategies of integrating the local policies into the global policies in each model are systematically discussed. The discussion is based on the weighted authorization graph model that we proposed before.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Abadi, M., Burrows, M., Lampson, B., Plotkin, G.: A calculus for access control in distributed systems. ACM Trans. on programming languages and systems 15(4), 706–734 (1993)
Jaeger, T., Tidswell, J.E.: Practical safety in flexible access control models. ACM Trans. on Info. and System Security 4(2), 158–190 (2001)
Koch, M., Mancini, L.V., Parisi-Presicce, F.: Administratice Scope in the Graph-Based Framework. In: Proceedings of the ninth ACM Symposium on Access control Models and Technologies, pp. 97–104 (2004)
Lipton, R.J., Snyder, L.: A Linear Time Algorithm for Deciding Subject Security. Journal of the ACM 24(3), 455–464 (1977)
Ruan, C., Varadharajan, V.: A weighted graph approach to authorization delegation and conflict resolution. In: Proceedings of the 9th Australasian Conference on Information Security and Privacy, pp. 402–413 (2004)
Woo, T., Lam, S.: Authorization in distributed systems: a formal approach. In: Proceedings of IEEE on Research in Security and Privacy, pp. 33–50 (1992)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Ruan, C., Varadharajan, V. (2006). Integration of Graph Based Authorization Policies. In: Esposito, F., RaÅ›, Z.W., Malerba, D., Semeraro, G. (eds) Foundations of Intelligent Systems. ISMIS 2006. Lecture Notes in Computer Science(), vol 4203. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11875604_42
Download citation
DOI: https://doi.org/10.1007/11875604_42
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-45764-0
Online ISBN: 978-3-540-45766-4
eBook Packages: Computer ScienceComputer Science (R0)