Secure Interoperation in Multidomain Environments Employing UCON Policies
نویسندگان
چکیده
Ensuring secure interoperation in multidomain environments based on role based access control (RBAC) has drawn considerable research works in the past. However, RBAC primarily consider static authorization decisions based on subjects’ permissions on target objects, and there is no further enforcement during the access. Recently proposed usage control (UCON) can address these requirements of access policy representation for temporal and time-consuming problems. In this paper, we propose a framework to facilitate the establishment of secure interoperability in multidomain environments employing Usage Control (UCON) policies. In particular, we propose an attribute mapping technique to establish secure context in multidomain environments. A key challenge in the establishment of secure interoperability is to guarantee security of individual domains in presence of interoperation. We study how conflicts arise and show that it is efficient to resolve the security violations of cyclic inheritance and separation of duty.
منابع مشابه
A Requirements-Driven Trust Framework for Secure Interoperation in Open Environments
A key challenge in emerging multi-domain open environments is the need to establish trust-based, loosely coupled partnerships between previously unknown domains. An efficient trust framework is essential to facilitate trust negotiation based on the service requirements of the partner domains. While several trust mechanisms have been proposed, none address the issue of integrating the trust mech...
متن کاملSecure Interoperation in Heterogeneous Systems based on Colored Petri Nets
In a multi-domains application environment, where distributed multiple organizations interoperate with each other, the local access control policies should correspondingly be integrated in order to allow users of one organization to interact with other domains. One of the key challenges of integrating policies is conflict detection and resolution while preserving policy consistency. This paper ...
متن کاملTrust-Based Constraint-Secure Interoperation for Dynamic Mediator-Free Collaboration
By collaboration, domains share resources effectively. To maintain security properties of individual domains during collaboration is a key issue. When domains employing heterogeneous RBAC policies collaborate via crossdomain role-role mappings, their locally-defined separation of duty constraints face the risk of breaching. We present the requirements for constraint-secure interoperation, prohi...
متن کاملThe Research of Access Control Based on UCON in the Internet of Things
In this paper, we introduce the internet of things and related architecture and protocols, and the family of usage control (UCON) models, which integrate authorizations (A), obligations (B), and conditions (C). The UCON is a generalization of access control to cover authorizations, obligations, conditions, continuity (ongoing controls), and mutability. In the internet of things’ highly dynamic,...
متن کاملRole-Based Secure Inter-operation and Resource Usage Management in Mobile Grid Systems
Dynamic inter-domain collaborations and resource sharing comprise two key characteristics of mobile Grid systems. However, interdomain collaborations have proven to be vulnerable to conflicts that can lead to privilege escalation. These conflicts are detectable in interoperation policies, and occur due to cross-domain role relationships. In addition, resource sharing requires to be enhanced wit...
متن کامل