Role-Based Access Control Models
Computer
Computational Issues in Secure Interoperation
IEEE Transactions on Software Engineering
A modular approach to composing access control policies
Proceedings of the 7th ACM conference on Computer and communications security
TRBAC: A temporal role-based access control model
ACM Transactions on Information and System Security (TISSEC)
A propositional policy algebra for access control
ACM Transactions on Information and System Security (TISSEC)
Task-role-based access control model
Information Systems
Towards a credential-based implementation of compound access control policies
Proceedings of the ninth ACM symposium on Access control models and technologies
A composite rbac approach for large, complex organizations
Proceedings of the ninth ACM symposium on Access control models and technologies
A Generalized Temporal Role-Based Access Control Model
IEEE Transactions on Knowledge and Data Engineering
Composing and combining policies under the policy machine
Proceedings of the tenth ACM symposium on Access control models and technologies
Verifiable composition of access control and application features
Proceedings of the tenth ACM symposium on Access control models and technologies
PRES: a practical flexible RBAC workflow system
ICEC '05 Proceedings of the 7th international conference on Electronic commerce
Secure Interoperation in a Multidomain Environment Employing RBAC Policies
IEEE Transactions on Knowledge and Data Engineering
Flexible workflow incorporated with RBAC
CSCWD'05 Proceedings of the 9th international conference on Computer Supported Cooperative Work in Design II
Hi-index | 0.00 |
There are increasing requirements for interoperation among distributed multi-domain systems. The key challenge is how to balance security and collaboration. A novel approach is proposed in this paper to support the trusted interoperation. It introduces the notions of effect scope and life condition into role based access control model to restrict permission to be active only in proper environment. Partial inheritance of role hierarchy is presented to support the finely granular access rights as well as the verification algorithms are proposed to maintain security constraints consistent. As an example, XACML-based platform is provided to combine the existent systems for secure interoperation. Without compromising the collaboration, this approach can effectively enforce a layered security policy and can reduce the complexity of security management.