Fuzzy sets and fuzzy logic: theory and applications
Fuzzy sets and fuzzy logic: theory and applications
Computational Issues in Secure Interoperation
IEEE Transactions on Software Engineering
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
PKI: It's Not Dead, Just Resting
Computer
Access Control and Trust in the Use of Widely Distributed Services
Middleware '01 Proceedings of the IFIP/ACM International Conference on Distributed Systems Platforms Heidelberg
Can We Eliminate Certificate Revocations Lists?
FC '98 Proceedings of the Second International Conference on Financial Cryptography
Access-Control Language for Multidomain Environments
IEEE Internet Computing
Secure Interoperation in a Multidomain Environment Employing RBAC Policies
IEEE Transactions on Knowledge and Data Engineering
Modeling Decisions: Information Fusion and Aggregation Operators (Cognitive Technologies)
Modeling Decisions: Information Fusion and Aggregation Operators (Cognitive Technologies)
Graph-theoretic method for merging security system specifications
Information Sciences: an International Journal
A trust degree based access control in grid environments
Information Sciences: an International Journal
Specification and enforcement of flexible security policy for active cooperation
Information Sciences: an International Journal
Use of XACML Policies for a Network Access Control Service
Proceedings of the 2005 conference on Applied Public Key Infrastructure: 4th International Workshop: IWAP 2005
Providing early resource allocation during emergencies: The mobile triage tag
Journal of Network and Computer Applications
A secure collaboration service for dynamic virtual organizations
Information Sciences: an International Journal
Aggregating trust using triangular norms in the keynote trust management system
STM'10 Proceedings of the 6th international conference on Security and trust management
Ontology-Based RBAC specification for interoperation in distributed environment
ASWC'06 Proceedings of the First Asian conference on The Semantic Web
A heterogeneous network access service based on PERMIS and SAML
EuroPKI'05 Proceedings of the Second European conference on Public Key Infrastructure
Ontology based hybrid access control for automatic interoperation
ATC'07 Proceedings of the 4th international conference on Autonomic and Trusted Computing
Federated management of the Future Internet: status and challenges
International Journal of Network Management
Secure interoperation design in multi-domains environments based on colored Petri nets
Information Sciences: an International Journal
| Hi-index | 0.07 |
The access control policy of an application that is composed of interoperating components/services is defined in terms of the access control policies enforced by the respective services. These individual access control policies are heterogenous in the sense that the services may be independently developed and managed and it is not practical to assume that all policies are defined with respect to some uniform domain vocabulary of policy attributes. A framework is described that provides a domain mapping for heterogenous policies. A fuzzy-based conversion mechanism determines the degree to which an access control attribute of one (service) policy may safely interoperate with an access control attribute of another (service) policy. The approach is scalable in the sense that it is not necessary to a priori specify every pairwise policy interoperation relationship, rather, where obvious interpretations exist then policy relationships are specified, while other relationships are inferred using the fuzzy mechanism.