Abstract
Access control in Multi-Organization Environment is a critical issue. Classical access control models like Role Based Access Control (RBAC) and Organization Based Access Control (orBAC) need some improvements to be used in such environment, where the collaboration is established between organizations and not directly with the clients. In particular, some characteristics of this scenario are that the users may be unknown in advance and/or the behaviors of the users and the organization may change during the collaboration. Hence, in this context the use of trust management with an access control model is recommended.
To achieve this goal in this paper a new model called Trust-orBAC that adds the notion of trust management to orBAC is presented. This approach consists in defining two dynamic trust vectors: one for the organizations and one for users which are based on different parameters such as knowledge, reputation and experience. Finally, we illustrate the use of Trust-orBAC with a case study.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Bertino, E., Ferrari, E., Squicciarini, A.: Trust negotiations: Concepts, systems, and languages. Computing in Science & Engineering 6, 27–34 (2004)
Chakraborty, S., Ray, I.: TrustBAC: integrating trust relationships into the RBAC model for access control in open systems. In: ACM Symposium on Access Control Models And Technologies, SACMAT 2006. ACM (2006)
Cuppens, F., Cuppens-Boulahia, N., Coma, C.: O2O: Virtual Private Organizations to Manage Security Policy Interoperability. In: Bagchi, A., Atluri, V. (eds.) ICISS 2006. LNCS, vol. 4332, pp. 101–115. Springer, Heidelberg (2006)
Abi Haidar, D., Cuppens-Boulahia, N., Cuppens, F., Debar, H.: XeNA: an access negotiation framework using XACML. Annals of Telecommunications 64(1-2), 155–169 (2009)
Jiang, T., Baras, J.S.: Trust credential distribution in autonomic networks. In: Global Communications Conf., GLOBECOM 2008. IEEE (2008)
Cavalli, A., Toumi, K., El Maarabani, M.: Role based interoperability security policies in collaborative systems. In: Int. Symposium on Security in Collaboration Technologies and Systems. IEEE Press (2012)
El Kalam, A.A., Deswarte, Y., Baina, A., Kaaniche, M.: PolyOrBAC: A security framework for critical infrastructures. Int. Journal on Critical Infrastructure Protection 2(4), 154–169 (2009)
Kamel, M., Laborde, R., Benzekri, A., Barrere, F.: A best practices-oriented approach for establishing trust chains within virtual organisations. In: Enterprise Distributed Object Computing Conf. Workshops, EDOCW 2008. IEEE (2008)
Tu Phan Le, C., Cuppens, F., Cuppens, N., Maillé, P.: Evaluating the Trustworthiness of Contributors in a Collaborative Environment. In: Bertino, E., Joshi, J.B.D. (eds.) CollaborateCom 2008. LNICST, vol. 10, pp. 451–460. Springer, Heidelberg (2009)
Liu, D., Zic, J.: Policy-Based Attestation of Service Behavior for Establishing Rigorous Trust. In: Meersman, R., Dillon, T.S., Herrero, P. (eds.) OTM 2010, Part I. LNCS, vol. 6426, pp. 240–255. Springer, Heidelberg (2010)
Mammar, A., Cavalli, A., Jimenez, W., Mallouli, W., de Oca, E.M.: Using Testing Techniques for Vulnerability Detection in C Programs. In: Wolff, B., Zaïdi, F. (eds.) ICTSS 2011. LNCS, vol. 7019, pp. 80–96. Springer, Heidelberg (2011)
Marmol, F.G., Perez, G.M.: Security threats scenarios in trust and reputation models for distributed systems. Computers & Security 28(7), 545–556 (2009)
Komarova, M., Riguidel, M.: Adjustable Trust Model for Access Control. In: Rong, C., Jaatun, M.G., Sandnes, F.E., Yang, L.T., Ma, J. (eds.) ATC 2008. LNCS, vol. 5060, pp. 429–443. Springer, Heidelberg (2008)
Ray, I., Chakraborty, S.: A Vector Model of Trust for Developing Trustworthy Systems. In: Samarati, P., Ryan, P.Y.A., Gollmann, D., Molva, R. (eds.) ESORICS 2004. LNCS, vol. 3193, pp. 260–275. Springer, Heidelberg (2004)
Ray, I., Ray, I., Chakraborty, S.: An interoperable context sensitive model of trust. Journal of Intelligent Information Systems 32(1), 75–104 (2009)
Resnick, P., Zeckhauser, R., Friedman, E., Kuwabara, K.: Reputation systems. Communications of the ACM 43(12) (2000)
Sacha, K.: Trust Management Languages and Complexity. In: Meersman, R., Dillon, T., Herrero, P., Kumar, A., Reichert, M., Qing, L., Ooi, B.-C., Damiani, E., Schmidt, D.C., White, J., Hauswirth, M., Hitzler, P., Mohania, M. (eds.) OTM 2011, Part II. LNCS, vol. 7045, pp. 588–604. Springer, Heidelberg (2011)
Toumi, K., Andrés, C., Cavalli, A., El Maarabani, M.: A vector based model approach for defining trust in multi-organization environments. In: 7th Int. Conf. on Risks and Security of Internet and Systems, CRISIS 2012. IEEE Computer Society Press (in press, 2012)
Wang, Y., Li, L.: Two-dimensional trust rating aggregations in service-oriented applications. IEEE Transactions on Services Computing 4(4), 257–271 (2011)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Toumi, K., Andrés, C., Cavalli, A. (2012). Trust-orBAC: A Trust Access Control Model in Multi-Organization Environments. In: Venkatakrishnan, V., Goswami, D. (eds) Information Systems Security. ICISS 2012. Lecture Notes in Computer Science, vol 7671. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-35130-3_7
Download citation
DOI: https://doi.org/10.1007/978-3-642-35130-3_7
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-35129-7
Online ISBN: 978-3-642-35130-3
eBook Packages: Computer ScienceComputer Science (R0)