Composing Heterogenous Access Policies between Organizations
نویسندگان
چکیده
One crucial aspect of information technology for e-Society is security, where authorization is one of the three important factors, besides availability and integrity. During the past years Role-Based Access Control (RBAC) has been proven a sound method of modeling the authorization within an organization. Recently we introduced a novel distributed concept RBAC which is based on distributed generation and administration of access rules through distributed authorization spheres. In this approach called Modular Authorization, we were able to provide techniques for a decentralized definition of access policies, which are inherited along the organizational structure. But in an e-Society exchange of information and therefore access to information is not limited to a single organization. In this paper we present an extended version of the Modular Authorization which allows to define access policies across the boundaries of an organization, thus taking into account both distributed and heterogeneous authorization structures.
منابع مشابه
Validation of Policy Integration Using Alloy
Organizations typically have multiple security policies operating together in the same system. The integration of multiple policies might be needed to achieve the desired security requirements. Validating this integrated policy is a non-trivial process. This paper addresses the problem of composing, modeling and validating the security policies. We show how the various approaches for composing ...
متن کاملUsing Parameterized UML to Specify and Compose Access Control Models
Abstract: Situations can arise in which organizations have to merge policies that are based on different access control frameworks, such as Role Based Access Control (RBAC) and Mandatory Access Control (MAC). Integrating policies requires addressing the following question: How will the integration impact access to protected resources? In particular, one needs to determine that the integration d...
متن کاملModeling Role-Based Access Control Using Parameterized UML Models
Organizations use Role-Based Access Control (RBAC) to protect computer-based resources from unauthorized access. There has been considerable work on formally specifying RBAC policies but there is still a need for RBAC policy specification techniques that can be integrated into software design methods. This paper describes a method for incorporating specifications of RBAC policies into UML desig...
متن کاملRewriting-Based Access Control Policies
In this paper we propose a formalization of access control policies based on term rewriting. The state of the system to which policies are enforced is represented as an algebraic term, what allows to model many aspects of the policy environment. Policies are represented as sets of rewrite rules, whose evaluation produces deterministic authorization decisions. We discuss the relation between pro...
متن کاملSituation of Linkage between Sexual and Reproductive Health and HIV-Related Policies in Islamic Republic of Iran – A Rapid Assessment in 2011–2
The number of sexual transmission of HIV is increasing globally. Sexual and Reproductive Health (SRH) issues and HIV/AIDS related problems are rooted in common grounds such as poverty, gender inequality, and social exclusion. As a result, international health organizations have suggested the integration of SRH services with HIV/AIDS services as a strategy to control HIV and to improve people’s ...
متن کامل