Role-Based Access Control Models
Computer
A survey of approximately optimal solutions to some covering and packing problems
ACM Computing Surveys (CSUR)
Role-based access control in ORACLE7 and Trusted ORACLE7
RBAC '95 Proceedings of the first ACM Workshop on Role-based access control
An Oracle implementation of the PRA97 model for permission-role assignment
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
The ARBAC97 model for role-based administration of roles
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
The role-based access control system of a European bank: a case study and discussion
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Role-based authorization constraints specification
ACM Transactions on Information and System Security (TISSEC)
Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
Computers and Intractability: A Guide to the Theory of NP-Completeness
Computers and Intractability: A Guide to the Theory of NP-Completeness
Administrative scope: A foundation for role-based administrative models
ACM Transactions on Information and System Security (TISSEC)
HPDC '03 Proceedings of the 12th IEEE International Symposium on High Performance Distributed Computing
An Integrated Solution for Secure Group Communication in Wide-Area Networks
ISCC '01 Proceedings of the Sixth IEEE Symposium on Computers and Communications
Using trust and risk in role-based access control policies
Proceedings of the ninth ACM symposium on Access control models and technologies
On mutually-exclusive roles and separation of duty
Proceedings of the 11th ACM conference on Computer and communications security
Access-Control Language for Multidomain Environments
IEEE Internet Computing
SERAT: SEcure role mApping technique for decentralized secure interoperability
Proceedings of the tenth ACM symposium on Access control models and technologies
An RBAC Framework for Time Constrained Secure Interoperation in Multi-domain Environments
WORDS '05 Proceedings of the 10th IEEE International Workshop on Object-Oriented Real-Time Dependable Systems
Secure Interoperation in a Multidomain Environment Employing RBAC Policies
IEEE Transactions on Knowledge and Data Engineering
Secure collaboration in mediator-free environments
Proceedings of the 12th ACM conference on Computer and communications security
Understanding and developing role-based administrative models
Proceedings of the 12th ACM conference on Computer and communications security
Risk assessment in distributed authorization
Proceedings of the 2005 ACM workshop on Formal methods in security engineering
Constraint generation for separation of duty
Proceedings of the eleventh ACM symposium on Access control models and technologies
Role-based access management for ad-hoc collaborative sharing
Proceedings of the eleventh ACM symposium on Access control models and technologies
Supporting authorization query and inter-domain role mapping in presence of hybrid role hierarchy
Proceedings of the eleventh ACM symposium on Access control models and technologies
Semantic access control for information interoperation
Proceedings of the eleventh ACM symposium on Access control models and technologies
RoleMiner: mining roles using subset enumeration
Proceedings of the 13th ACM conference on Computer and communications security
Fuzzy Multi-Level Security: An Experiment on Quantified Risk-Adaptive Access Control
SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
Web services discovery in secure collaboration environments
ACM Transactions on Internet Technology (TOIT)
PEACE-VO: A Secure Policy-Enabled Collaboration Framework for Virtual Organizations
SRDS '07 Proceedings of the 26th IEEE International Symposium on Reliable Distributed Systems
Migrating to optimal RBAC with minimal perturbation
Proceedings of the 13th ACM symposium on Access control models and technologies
RBAC administration in distributed systems
Proceedings of the 13th ACM symposium on Access control models and technologies
Proactive Role Discovery in Mediator-Free Environments
P2P '08 Proceedings of the 2008 Eighth International Conference on Peer-to-Peer Computing
Online Risk Assessment of Intrusion Scenarios Using D-S Evidence Theory
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
Permission Set Mining: Discovering Practical and Useful Roles
ACSAC '08 Proceedings of the 2008 Annual Computer Security Applications Conference
Evaluating role mining algorithms
Proceedings of the 14th ACM symposium on Access control models and technologies
Apply Measurable Risk to Strengthen Security of a Role-Based Delegation Supporting Workflow System
POLICY '09 Proceedings of the 2009 IEEE International Symposium on Policies for Distributed Systems and Networks
On Role Mappings for RBAC-Based Secure Interoperation
NSS '09 Proceedings of the 2009 Third International Conference on Network and System Security
Establishing RBAC-based secure interoperability in decentralized multi-domain environments
ICISC'07 Proceedings of the 10th international conference on Information security and cryptology
Set covering problems in role-based access control
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Editorial: Special Section: Trusted computing
Future Generation Computer Systems
Hi-index | 0.00 |
Collaboration among virtual organizations enables domains to effectively share resources. However, it also opens ways for several security and privacy breaches; the problem becomes severe along with the increasing complexity and dynamics of grid environments. As such, in this paper, we propose a flexible secure collaboration framework: called RAR (Role-And-Risk). We introduce the architecture of RAR, and two major components of RAR. The first component is for generating inter-domain role mappings (IDRM) as a basis for collaboration. We study the complexity of IDRM while taking the separation of duty constraints and administrative cost into account; it turns out to be intractable for most cases. RAR addresses IDRM related problems by reducing them to well-known problems (e.g., the satisfiability problem SAT), which have been studied for decades and various mature solvers exist in literature. On the other hand, to deal with the dynamics and uncertainty of distributed environments, we employ the notion of risk to monitor and manage the security threat induced by collaboration. RAR's flexibility lies in the tunable interoperability and the use of risk for timely monitoring users' accesses.