Models for coalition-based access control (CBAC)

Authors:
Eve Cohen;Roshan K. Thomas;William Winsborough;Deborah Shands
Affiliations:
NAI Labs at Network Associates, Inc., Los Angeles, CA;NAI Labs at Network Associates, Inc., Los Angeles, CA;NAI Labs at Network Associates, Inc., Los Angeles, CA;NAI Labs at Network Associates, Inc., Los Angeles, CA
Venue:
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Year:
2002

Citing 11
Cited 21

Role-Based Access Control Models

Computer
Team-based access control (TMAC): a primitive for applying role-based access controls in collaborative environments

RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Team-and-role-based organizational context and access control for cooperative hypermedia environments

Proceedings of the tenth ACM Conference on Hypertext and hypermedia : returning to our diverse roots: returning to our diverse roots
The ARBAC97 model for role-based administration of roles

ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
Protection in operating systems

Communications of the ACM
Flexible team-based access control using contexts

SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Access control mechanisms for inter-organizational workflow

SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Task-Based Authorization Controls (TBAC): A Family of Models for Active and Enterprise-Oriented Autorization Management

Proceedings of the IFIP TC11 WG11.3 Eleventh International Conference on Database Securty XI: Status and Prospects
An Authorization Model for Workflows

ESORICS '96 Proceedings of the 4th European Symposium on Research in Computer Security: Computer Security
Design of a Role-Based Trust-Management Framework

SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Scalable access control for distributed object systems

SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8

An approach to engineer and enforce context constraints in an RBAC environment

Proceedings of the eighth ACM symposium on Access control models and technologies
Partial outsourcing: a new paradigm for access control

Proceedings of the eighth ACM symposium on Access control models and technologies
An integrated approach to engineer and enforce context constraints in RBAC environments

ACM Transactions on Information and System Security (TISSEC)
An Access Control Model for Web Services in Business Process

WI '04 Proceedings of the 2004 IEEE/WIC/ACM International Conference on Web Intelligence
Secure Interoperation in a Multidomain Environment Employing RBAC Policies

IEEE Transactions on Knowledge and Data Engineering
TrustBAC: integrating trust relationships into the RBAC model for access control in open systems

Proceedings of the eleventh ACM symposium on Access control models and technologies
Development of an access control model, system architecture and approaches for resource sharing in virtual enterprise

Computers in Industry
Coordinated access control with temporal and spatial constraints on mobile execution in coalition environments

Future Generation Computer Systems
Using semantics for automatic enforcement of access control policies among dynamic coalitions

Proceedings of the 12th ACM symposium on Access control models and technologies
Policy decomposition for collaborative access control

Proceedings of the 13th ACM symposium on Access control models and technologies
Group-centric models for secure and agile information sharing

MMM-ACNS'10 Proceedings of the 5th international conference on Mathematical methods, models and architectures for computer network security
A billion keys, but few locks: the crisis of web single sign-on

Proceedings of the 2010 workshop on New security paradigms
Resource management with X.509 inter-domain authorization certificates (InterAC)

EuroPKI'09 Proceedings of the 6th European conference on Public key infrastructures, services and applications
Group-Centric Secure Information-Sharing Models for Isolated Groups

ACM Transactions on Information and System Security (TISSEC)
A distributed coalition service registry for ad-hoc dynamic coalitions: a service-oriented approach

DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
Efficient database-driven evaluation of security clearance for federated access control of dynamic XML documents

DASFAA'10 Proceedings of the 15th international conference on Database Systems for Advanced Applications - Volume Part I
A credential-based approach for facilitating automatic resource sharing among ad-hoc dynamic coalitions

DBSec'05 Proceedings of the 19th annual IFIP WG 11.3 working conference on Data and Applications Security
Automatic enforcement of access control policies among dynamic coalitions

ICDCIT'04 Proceedings of the First international conference on Distributed Computing and Internet Technology
An attribute graph based approach to map local access control policies to credential based access control policies

ICISS'05 Proceedings of the First international conference on Information Systems Security
AAA for spontaneous roaming agreements in heterogeneous wireless networks

ATC'07 Proceedings of the 4th international conference on Autonomic and Trusted Computing
Taking value-networks to the cloud services: security services, semantics and service level agreements

Information Systems and e-Business Management

Quantified Score

Hi-index	0.00

Visualization

Abstract

To effectively participate in modern coalitions, member organizations must be able to share specific data and functionality with coalition partners, while ensuring that their resources are safe from inappropriate access. This requires access control models, policies, and enforcement mechanisms for coalition resources. This paper describes a family of coalition-based access control (CBAC) models, developed to provide a range of expressivity with an accompanying range of implementation complexity. We define the protection state of a system, which provides the semantics of CBAC-based access policies. Finally, we briefly examine some of the issues for coalition access policy development and administration, and them complexity of implementing access enforcement mechanisms in a coalition environment.