
Establishing RBAC-Based Secure Interoperability in Decentralized Multi-domain Environments

  • Conference paper
Information Security and Cryptology - ICISC 2007 (ICISC 2007)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 4817)

Abstract

Establishing interoperability is the first and foremost problem of secure interoperation in multi-domain environments. In this paper, we propose a framework to facilitate the establishment of secure interoperability in decentralized multi-domain environments that employ Role-Based Access Control (RBAC) policies. In particular, we propose a method for setting up interoperating relationships between domains by combining role mappings and assignments of permissions to foreign roles. A key challenge in the establishment of secure interoperability is to guarantee the security of individual domains in the presence of interoperation. We present rules which regulate the interoperability. These rules ensure that the constraints of RBAC policies are respected when cross-domain accesses are allowed.




Editor information

Kil-Hyun Nam Gwangsoo Rhee


Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Hu, J., Li, R., Lu, Z. (2007). Establishing RBAC-Based Secure Interoperability in Decentralized Multi-domain Environments. In: Nam, KH., Rhee, G. (eds) Information Security and Cryptology - ICISC 2007. ICISC 2007. Lecture Notes in Computer Science, vol 4817. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-76788-6_5


  • DOI: https://doi.org/10.1007/978-3-540-76788-6_5

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-76787-9

  • Online ISBN: 978-3-540-76788-6

  • eBook Packages: Computer Science, Computer Science (R0)
