Secure Interoperation in Multidomain Environments Employing UCON Policies

Authors:
Jianfeng Lu;Ruixuan Li;Vijay Varadharajan;Zhengding Lu;Xiaopu Ma
Affiliations:
Intelligent and Distributed Computing Lab, College of Computer Sci. and Tech., Huazhong University of Sci. and Tech., Wuhan, P.R. China 430074;Intelligent and Distributed Computing Lab, College of Computer Sci. and Tech., Huazhong University of Sci. and Tech., Wuhan, P.R. China 430074;Department of Computing, Macquarie University, Australia 2109;Intelligent and Distributed Computing Lab, College of Computer Sci. and Tech., Huazhong University of Sci. and Tech., Wuhan, P.R. China 430074;Intelligent and Distributed Computing Lab, College of Computer Sci. and Tech., Huazhong University of Sci. and Tech., Wuhan, P.R. China 430074
Venue:
ISC '09 Proceedings of the 12th International Conference on Information Security
Year:
2009

Citing 10
Cited 1

Computational Issues in Secure Interoperation

IEEE Transactions on Software Engineering
Conflicts in Policy-Based Distributed Systems Management

IEEE Transactions on Software Engineering
Providing Security and Interoperation of HeterogeneousSystems

Distributed and Parallel Databases - Security of data and transaction processing
An algebra for composing access control policies

ACM Transactions on Information and System Security (TISSEC)
IRBAC 2000: Secure Interoperability Using Dynamic Role Translation

IRBAC 2000: Secure Interoperability Using Dynamic Role Translation
The UCONABC usage control model

ACM Transactions on Information and System Security (TISSEC)
A logical specification for usage control

Proceedings of the ninth ACM symposium on Access control models and technologies
SERAT: SEcure role mApping technique for decentralized secure interoperability

Proceedings of the tenth ACM symposium on Access control models and technologies
Secure Interoperation in a Multidomain Environment Employing RBAC Policies

IEEE Transactions on Knowledge and Data Engineering
Formal model and policy specification of usage control

ACM Transactions on Information and System Security (TISSEC)

Usage control model specification in XACML policy language

CISIM'12 Proceedings of the 11th IFIP TC 8 international conference on Computer Information Systems and Industrial Management

Quantified Score

Hi-index	0.00

Visualization

Abstract

Ensuring secure interoperation in multidomain environments based on role based access control (RBAC) has drawn considerable research works in the past. However, RBAC primarily consider static authorization decisions based on subjects' permissions on target objects, and there is no further enforcement during the access. Recently proposed usage control (UCON) can address these requirements of access policy representation for temporal and time-consuming problems. In this paper, we propose a framework to facilitate the establishment of secure interoperability in multidomain environments employing Usage Control (UCON) policies. In particular, we propose an attribute mapping technique to establish secure context in multidomain environments. A key challenge in the establishment of secure interoperability is to guarantee security of individual domains in presence of interoperation. We study how conflicts arise and show that it is efficient to resolve the security violations of cyclic inheritance and separation of duty.