Abstract
The need to securely share information on an ad-hoc basis between collaborating entities is increasingly becoming important. We propose a coalition based access control model (CBAC), comprised of three layers: coalition, role and user-object layers. Our model enables translation of coalition level policies to implementation level access control in a manner similar to that of the layers of the TCP/IP protocol. We present a coalition policy translation protocol that allows the implementation level access control details to be piggybacked as the access control policy percolates to the coalition level, and similarly, as the coalition level policy trickles down to the implementation level. Under our approach, a user’s request to access an object belonging to another coalition entity is automatically translated by employing an approach that considers attributes associated with user credentials and objects. Our approach ensures that the individual access control policies of each coalition entity as well as the agreed-upon coalition policies for sharing are enforced.
This work is supported in part by the National Science Foundation under grant IIS-0306838.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Bharadwaj, V., Baras, J.: A Framework for Automated Negotiation of Access Control Policies. In: Proceedings of DISCEX III (2003)
Cohen, E., Winsborough, W., Thomas, R., Shands, D.: Models for Coalition-based Access Control (CBAC) In: SACMAT (2002)
Ferraiolo, D., Sandhu, R., Gavrila, S., Kuhn, D., Chandramouli, R.: Proposed NIST Standard for Role-Based Access Control. In: TISSEC (August 2001)
Freudenthal, E., Pesin, T., Port, L., Keenen, E., Karamcheti, V.: dRBAC: Distributed Role-Based Access Control for Dynamic Coalition Environments. In: ICDCS (2002)
Jajodia, S., Samarati, P., Pierangela, S., Maria, L., Subrahmanian, V.S.: Flexible support for multiple access control policies. ACM TODs (June 2001)
Khurana, H., Gavrila, S., Bobba, R., Koleva, R., Sonalker, A., Dinu, E., Gligor, V., Baras, J.: Integrated Security Services for Dynamic Coalitions. In: Proc. of the DISCEX III (2003)
Kuo, Humenn: Dynamically Authorized RBAC for Secure Distributed Computation. In: ACM Workshop for XML Security (November 2002)
Osborn, S., Sandhu, R., Munawer, Q.: Configuring RBAC to Enforce Mandatory and DAC Policies. In: ACM TISSEC (May 2000)
Philips, C., Ting, T.C., Demurjian, S.: Information Sharing and Security in Dynamic Coalitions. In: SACMAT 2002
Philips, C., Charles, E., Ting, T., Demurjian, S.: Towards Information Assurance in Dynamic Coalitions. In: IEEE IAW, USMA (February 2002)
Philips, C., Ting, T.C., Demurjian, S.: Information Sharing and Security in Dynamic Coalitions. In: SACMAT 2002
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Atluri, V., Warner, J. (2004). Automatic Enforcement of Access Control Policies Among Dynamic Coalitions. In: Ghosh, R.K., Mohanty, H. (eds) Distributed Computing and Internet Technology. ICDCIT 2004. Lecture Notes in Computer Science, vol 3347. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30555-2_43
Download citation
DOI: https://doi.org/10.1007/978-3-540-30555-2_43
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-24075-4
Online ISBN: 978-3-540-30555-2
eBook Packages: Computer ScienceComputer Science (R0)