Towards coequal authorization for dynamic collaboration

Authors:
Yuqing Sun;Chen Chen
Affiliations:
School of Computer Science and Technology, Shandong University, Jinan, Shandong, China;School of Computer Science and Technology, Shandong University, Jinan, Shandong, China
Venue:
AMT'11 Proceedings of the 7th international conference on Active media technology
Year:
2011

Citing 10
Cited 0

An algebra for composing access control policies

ACM Transactions on Information and System Security (TISSEC)
A propositional policy algebra for access control

ACM Transactions on Information and System Security (TISSEC)
An access control framework for business processes for web services

Proceedings of the 2003 ACM workshop on XML security
Verification and change-impact analysis of access-control policies

Proceedings of the 27th international conference on Software engineering
XACML policy integration algorithms: not to be confused with XACML policy combination algorithms!

Proceedings of the eleventh ACM symposium on Access control models and technologies
Policy Analysis for Administrative Role Based Access Control

CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
Defeasible security policy composition for web services

Proceedings of the fourth ACM workshop on Formal methods in security
An approach to evaluate policy similarity

Proceedings of the 12th ACM symposium on Access control models and technologies
Secure Collaboration in a Mediator-Free Distributed Environment

IEEE Transactions on Parallel and Distributed Systems
D-algebra for composing access control policy decisions

Proceedings of the 4th International Symposium on Information, Computer, and Communications Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

In dynamic collaboration, participants oftentimes need to share resources with each other under the same criteria. However, since each participant has its own authorization policies as a way of controlling resource access, their discrepancies make such collaboration difficult. It is desired to develop a practical and automatic way to generate the collaborative policies for coequal authorizations. In this paper, we investigate this problem by proposing an authorization framework based on the widely adopted XACML policy. Each practical XACML policy is converted into Boolean expressions and further refined as a set of atomic rules against the policy structure. With the rule set, the combination algorithms in policies and the collaboration preference of participants, the collaborative authorization policy is automatically generated. We analyze the consistency of the collaborative policies with previous authorization policies. Some experiments are performed to exam our approach and show that it can efficiently solve the problem of coequal authorizations.