Configuring role-based access control to enforce mandatory and discretionary access control policies
ACM Transactions on Information and System Security (TISSEC)
On the specification and evolution of access control policies
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Flexible support for multiple access control policies
ACM Transactions on Database Systems (TODS)
Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
Information sharing and security in dynamic coalitions
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Models for coalition-based access control (CBAC)
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
ACM Transactions on Information and System Security (TISSEC)
Distributed credential chain discovery in trust management
Journal of Computer Security
Design of a Role-Based Trust-Management Framework
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Secure mediation: requirements, design, and architecture
Journal of Computer Security - IFIP 2000
A logic-based framework for attribute based access control
Proceedings of the 2004 ACM workshop on Formal methods in security engineering
DBSec'05 Proceedings of the 19th annual IFIP WG 11.3 working conference on Data and Applications Security
Automatic enforcement of access control policies among dynamic coalitions
ICDCIT'04 Proceedings of the First international conference on Distributed Computing and Internet Technology
Secure interoperation for effective data mining in border control and homeland security applications
dg.o '06 Proceedings of the 2006 international conference on Digital government research
Trust management services in relational databases
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Using semantics for automatic enforcement of access control policies among dynamic coalitions
Proceedings of the 12th ACM symposium on Access control models and technologies
Integrating trust management and access control in data-intensive Web applications
ACM Transactions on the Web (TWEB)
Hi-index | 0.00 |
Due to the proliferation of the Internet and web based technologies, today's collaborations among organizations are increasingly short-lived, dynamic, and therefore formed in an ad-hoc manner to serve a specific purpose. Such example environments include web-services, dynamic coalitions, grid computing and ubiquitous computing. These environments necessitate the need for dynamic, efficient and secure sharing of resources among disparate organizations. Although such secure sharing of resources can be achieved by means of traditional access control and authentication mechanisms, they are administratively difficult when the partnerships and interactions are short-lived and constantly changing. When allowing sharing of resources, the organization must ensure that its own security policies are adhered to. Our proposal is to allow users, external to the organization, access to internal resources of the organization, if they possess certain attributes similar to those possessed by the internal users. We begin by first examining the internal security policies within an organization and attempt to map them to credential based policies. In essence, we identify the attributes possessed by internal users relevant to a security policy, and map them to credential attributes that are understood across organizations. Access can then be granted to users once they submit these required credentials with the identified attributes. We present an attribute graph based methodology to accomplish such a mapping. In this paper, we assume that the local access control policies are limited to Role Based Access Control (RBAC) policies.