An RBAC Framework for Time Constrained Secure Interoperation in Multi-domain Environments

Authors:
Smithi Piromruen;James B. D. Joshi
Affiliations:
Department of Information Sciences and Telecommunications, University of Pittsburgh;Department of Information Sciences and Telecommunications, University of Pittsburgh
Venue:
WORDS '05 Proceedings of the 10th IEEE International Workshop on Object-Oriented Real-Time Dependable Systems
Year:
2005

Citing 0
Cited 9

Supporting authorization query and inter-domain role mapping in presence of hybrid role hierarchy

Proceedings of the eleventh ACM symposium on Access control models and technologies
Inter-domain role mapping and least privilege

Proceedings of the 12th ACM symposium on Access control models and technologies
lightweight decentralized authorization model for inter-domain collaborations

Proceedings of the 2007 ACM workshop on Secure web services
UAQ: a framework for user authorization query processing in RBAC extended with hybrid hierarchy and constraints

Proceedings of the 13th ACM symposium on Access control models and technologies
Establishing RBAC-based secure interoperability in decentralized multi-domain environments

ICISC'07 Proceedings of the 10th international conference on Information security and cryptology
Mediator-free secure policy interoperation of exclusively-trusted multiple domains

ISPEC'08 Proceedings of the 4th international conference on Information security practice and experience
RAR: A role-and-risk based flexible framework for secure collaboration

Future Generation Computer Systems
A requirements-driven trust framework for secure interoperation in open environments

iTrust'06 Proceedings of the 4th international conference on Trust Management
The RBAC model and implementation architecture in multi-domain environment

Electronic Commerce Research

Quantified Score

Hi-index	0.00

Visualization

Abstract

In emerging e-commerce applications, time constrained information sharing between different systems is becoming a common phenomenon. A flexible and efficient mechanism is needed to support short term time-based sharing policies between transient partners. In particular, the interacting domains need to establish a time-based inter-domain access policy without violating the original time-based security policies of the individual systems. In this paper, we address this issue using the Generalized Temporal Role Based Access Control (GTRBAC) framework. The proposed mechanism involves a system processing an inter-domain access requirement specification to extend or restructure its local GTRBAC policy with proper temporal constraints to allow its external partner domain to access its resources. The transformed local GTRBAC policy facilitates the interdomain accesses while still conforming to the original local policy requirements.