Negotiating Access Control Policies Between Autonomous Domains
نویسندگان
چکیده
Autonomous policy domains often need to share resources to accomplish a common task. To do this they must negotiate a common access control policy to the shared resources. We use mathematical techniques from game theory to show that the outcome of such negotiations can often be predicted from the distribution of power among the participants, independent of the actual mechanics of negotiation. We discuss the axiomatic derivation of some game theoretic solution concepts, and illustrate our techniques with examples.
منابع مشابه
Towards Automated Negotiation of Access Control Policies
We examine the problem of negotiating access control policies between autonomous domains. Our objective is to develop software agents that can automatically negotiate access control policies between autonomous domains with minimal human guidance. In this paper we show a mathematical framework that is capable of expressing many such negotiation problems, and illustrate its application to some pr...
متن کاملAccess control in ultra-large-scale systems using a data-centric middleware
The primary characteristic of an Ultra-Large-Scale (ULS) system is ultra-large size on any related dimension. A ULS system is generally considered as a system-of-systems with heterogeneous nodes and autonomous domains. As the size of a system-of-systems grows, and interoperability demand between sub-systems is increased, achieving more scalable and dynamic access control system becomes an im...
متن کاملAdministering Access Control in Dynamic Coalitions
Dynamic coalitions enable autonomous domains to achieve common objectives by sharing resources based on negotiated resource-sharing agreements. A major requirement for administering dynamic coalitions is the availability of a comprehensive set of access control tools. In this paper we discuss the design, implementation, evaluation, and demonstration of such tools. In particular, we have develop...
متن کاملMeta-Policies for Distributed Role-Based Access Control Systems
In this paper meta-policies for access control policies are presented. There has been a lot of research into the various ways of specifying policy for a single domain. Such domains are autonomous and can be managed by the users or by a specific system administrator. It is often helpful to have a more general policy description in order to restrict the ways in which policy can be modified. Meta-...
متن کاملReasoning about Joint Administration of Access Policies for Coalition Resources
We argue that joint administration of access policies for a dynamic coalition formed by autonomous domains requires that these domains set up a coalition authority that distributes attribute certificates authorizing access to policy objects (e.g., ACLs). Control over the issuance of such certificates is retained by member domains separately holding shares of the joint coalition authority’s priv...
متن کامل