Scalable and Efficient Reasoning for Enforcing Role-Based Access Control
نویسندگان
چکیده
Today, many organizations generate large amount of data and have many users that need only partial access to resources at any time to collaborate in making critical decisions. Thus, there is a need for a scalable access control model that simplifies the management of security policies and handles the heterogeneity inherent in the information system. This paper proposes an ontology-based distributed solution to this problem, with the benefits of being scalable and producing acceptable response times.
منابع مشابه
Enforcing RBAC Policies over Data Stored on Untrusted Server (Extended Version)
One of the security issues in data outsourcing is the enforcement of the data owner’s access control policies. This includes some challenges. The first challenge is preserving confidentiality of data and policies. One of the existing solutions is encrypting data before outsourcing which brings new challenges; namely, the number of keys required to access authorized resources, efficient policy u...
متن کاملA Cloud - based Resource and Service Sharing Platform for Computer and Network Security Education
1. Automated Reasoning about Web Access Control Policies via Answer Set Programming Gail-Joon Ahn*, Joohyung Lee*, Hongxin Hu and Yunsong Meng Summary: We introduce a logic-based policy management approach for XACML (eXtensible Access Control Markup Language), which has become the defacto standard for specifying and enforcing access control policies for various applications and services in curr...
متن کاملTowards Ensuring Scalability, Interoperability and Efficient Access Control in a Multi-domain Grid-based Environment
The application of grid computing has been hampered by three basic challenges: scalability, interoperability and efficient access control which need to be optimized before a full-scale adoption of grid computing can take place. To address these challenges, a novel architectural model was designed for a multi-domain grid based environment (built on three domains). It was modelled using the dynam...
متن کاملAuthorization models for secure information sharing: a survey and research agenda
This article presents a survey of authorization models and considers their 'fitness-for-purpose' in facilitating information sharing. Network-supported information sharing is an important technical capability that underpins collaboration in support of dynamic and unpredictable activities such as emergency response, national security, infrastructure protection, supply chain integration and emerg...
متن کاملA context-sensitive dynamic role-based access control model for pervasive computing environments
Resources and services are accessible in pervasive computing environments from anywhere and at any time. Also, due to ever-changing nature of such environments, the identity of users is unknown. However, users must be able to access the required resources based on their contexts. These and other similar complexities necessitate dynamic and context-aware access control models for such environmen...
متن کامل