Computational Issues in Secure Interoperation

Authors:
Li Gong;Xiaolei Qian
Affiliations:
SRI International, Menlo Park, CA;SRI International, Menlo Park, CA
Venue:
IEEE Transactions on Software Engineering
Year:
1996

Citing 11
Cited 40

Integrating security in a large distributed system

ACM Transactions on Computer Systems (TOCS)
A Hookup Theorem for Multilevel Security

IEEE Transactions on Software Engineering
Federated database systems for managing distributed, heterogeneous, and autonomous databases

ACM Computing Surveys (CSUR) - Special issue on heterogeneous databases
Formal Models for Computer Security

ACM Computing Surveys (CSUR)
Protection in operating systems

Communications of the ACM
Computers and Intractability; A Guide to the Theory of NP-Completeness

Computers and Intractability; A Guide to the Theory of NP-Completeness
Towards Security in an Open Systems Federation

ESORICS '92 Proceedings of the Second European Symposium on Research in Computer Security
Canonical Security Modeling for Federated Databases

Proceedings of the IFIP WG 2.6 Database Semantics Conference on Interoperable Database Systems (DS-5)
Protection

ACM SIGOPS Operating Systems Review
The Typed Access Matrix Model

SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
The Complexity and Composability of Secure Interoperation

SP '94 Proceedings of the 1994 IEEE Symposium on Security and Privacy

Providing Security and Interoperation of HeterogeneousSystems

Distributed and Parallel Databases - Security of data and transaction processing
A view-based access control model for CORBA

Secure Internet programming
Digital Government Security Infrastructure Design Challenges

Computer
Enhancing Disjunctive Datalog by Constraints

IEEE Transactions on Knowledge and Data Engineering
Guest Editorial: Introduction to the Special Section

IEEE Transactions on Software Engineering
Establishing Business Rules for Inter-Enterprise Electronic Commerce

DISC '00 Proceedings of the 14th International Conference on Distributed Computing
CHAOS: An Active Security Mediation System

CAiSE '00 Proceedings of the 12th International Conference on Advanced Information Systems Engineering
Merging Integration Solutions for Architecture and Security Mismatch

ICCBSS '02 Proceedings of the First International Conference on COTS-Based Software Systems
Scalable Regulation of Inter-enterprise Electronic Commerce

WELCOM '01 Proceedings of the Second International Workshop on Electronic Commerce
Maintaining the confidentiality of interoperable databases with a multilevel federated security system

Das'01 Proceedings of the fifteenth annual working conference on Database and application security
Access-Control Language for Multidomain Environments

IEEE Internet Computing
Using certified policies to regulate E-commerce transactions

ACM Transactions on Internet Technology (TOIT)
SERAT: SEcure role mApping technique for decentralized secure interoperability

Proceedings of the tenth ACM symposium on Access control models and technologies
Distributed Access Management in Multimedia IDCs

Computer
Secure Interoperation in a Multidomain Environment Employing RBAC Policies

IEEE Transactions on Knowledge and Data Engineering
Secure collaboration in mediator-free environments

Proceedings of the 12th ACM conference on Computer and communications security
X-gtrbac admin: A decentralized administration model for enterprise-wide access control

ACM Transactions on Information and System Security (TISSEC)
Privacy-preserving semantic interoperation and access control of heterogeneous databases

ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
Supporting authorization query and inter-domain role mapping in presence of hybrid role hierarchy

Proceedings of the eleventh ACM symposium on Access control models and technologies
Semantic access control for information interoperation

Proceedings of the eleventh ACM symposium on Access control models and technologies
Web services discovery in secure collaboration environments

ACM Transactions on Internet Technology (TOIT)
Workflow authorisation in mediator-free environments

International Journal of Security and Networks
GPE4CGSP: interoperability between heterogeneous grid infrastructures

CHINA HPC '07 Proceedings of the 2007 Asian technology information program's (ATIP's) 3rd workshop on High performance computing in China: solution approaches to impediments for high performance computing
Security Violation Detection for RBAC Based Interoperation in Distributed Environment

IEICE - Transactions on Information and Systems
Separation of Duty in Trust-Based Collaboration

Information Security and Cryptology
Secure Interoperation in Multidomain Environments Employing UCON Policies

ISC '09 Proceedings of the 12th International Conference on Information Security
Handling inheritance violation for secure interoperation of heterogeneous systems

International Journal of Security and Networks
Establishing RBAC-based secure interoperability in decentralized multi-domain environments

ICISC'07 Proceedings of the 10th international conference on Information security and cryptology
Mediator-free secure policy interoperation of exclusively-trusted multiple domains

ISPEC'08 Proceedings of the 4th international conference on Information security practice and experience
A secure collaboration service for dynamic virtual organizations

Information Sciences: an International Journal
An interoperation framework for secure collaboration among organizations

Proceedings of the 3rd ACM SIGSPATIAL International Workshop on Security and Privacy in GIS and LBS
Flexible secure inter-domain interoperability through attribute conversion

Information Sciences: an International Journal
Secure interoperation of identity managements among different circles of trust

Computer Standards & Interfaces
Role-based secure inter-operation and resource usage management in mobile grid systems

WISTP'11 Proceedings of the 5th IFIP WG 11.2 international conference on Information security theory and practice: security and privacy of mobile devices in wireless communication
An approach for trusted interoperation in a multidomain environment

ATC'06 Proceedings of the Third international conference on Autonomic and Trusted Computing
Ontology-Based RBAC specification for interoperation in distributed environment

ASWC'06 Proceedings of the First Asian conference on The Semantic Web
A framework for verification and optimal reconfiguration of event-driven role based access control policies

Proceedings of the 17th ACM symposium on Access Control Models and Technologies
On the Prevention of Fraud and Privacy Exposure in Process Information Flow

INFORMS Journal on Computing
Federated management of the Future Internet: status and challenges

International Journal of Network Management
Secure interoperation design in multi-domains environments based on colored Petri nets

Information Sciences: an International Journal

Quantified Score

Hi-index	0.01

Visualization

Abstract

Advances in distributed systems and networking technology have made interoperation not only feasible but also increasingly popular. We define the interoperation of secure systems and its security, and prove complexity and composability results on obtaining optimal and secure interoperation. Most problems are NP-complete even for systems with very simple access control structures, while for a general setting the problem is undecidable. Nevertheless, composability reduces complexity in that secure global interoperation can be obtained incrementally by composing secure local interoperation. We illustrate, through an application in secure database interoperation, how these theoretical results can help system designers in practice.