A comparative analysis of methodologies for database schema integration
ACM Computing Surveys (CSUR)
Role-Based Access Control Models
Computer
Computational Issues in Secure Interoperation
IEEE Transactions on Software Engineering
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
Formal specification for role based access control user/role and role/role relationship management
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
The specification and enforcement of authorization constraints in workflow management systems
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
Conflicts in Policy-Based Distributed Systems Management
IEEE Transactions on Software Engineering
Providing Security and Interoperation of HeterogeneousSystems
Distributed and Parallel Databases - Security of data and transaction processing
Injecting RBAC to secure a Web-based workflow system
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Configuring role-based access control to enforce mandatory and discretionary access control policies
ACM Transactions on Information and System Security (TISSEC)
An algebra for composing access control policies
ACM Transactions on Information and System Security (TISSEC)
Temporal hierarchies and inheritance semantics for GTRBAC
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Models for coalition-based access control (CBAC)
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
A graph-based formalism for RBAC
ACM Transactions on Information and System Security (TISSEC)
Tangled Web: Tales of Digital Crime from the Shadows of Cyberspace
Tangled Web: Tales of Digital Crime from the Shadows of Cyberspace
A MAC Policy Framework for Multilevel Relational Databases
IEEE Transactions on Knowledge and Data Engineering
Bottom-Up Construction of Ontologies
IEEE Transactions on Knowledge and Data Engineering
Product Schema Integration for Electronic Commerce-A Synonym Comparison Approach
IEEE Transactions on Knowledge and Data Engineering
Semantic Integration in Heterogeneous Databases Using Neural Networks
VLDB '94 Proceedings of the 20th International Conference on Very Large Data Bases
Merging Heterogeneous Security Orderings
ESORICS '96 Proceedings of the 4th European Symposium on Research in Computer Security: Computer Security
A Logical Framework for Reasoning on Data Access Control Policies
CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
A Generalized Temporal Role-Based Access Control Model
IEEE Transactions on Knowledge and Data Engineering
Merging models based on given correspondences
VLDB '03 Proceedings of the 29th international conference on Very large data bases - Volume 29
X-gtrbac admin: A decentralized administration model for enterprise-wide access control
ACM Transactions on Information and System Security (TISSEC)
Fine-grained role-based delegation in presence of the hybrid role hierarchy
Proceedings of the eleventh ACM symposium on Access control models and technologies
Supporting authorization query and inter-domain role mapping in presence of hybrid role hierarchy
Proceedings of the eleventh ACM symposium on Access control models and technologies
Managing RBAC states with transitive relations
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Partial and Fuzzy Constraint Satisfaction to Support Coalition Formation
Electronic Notes in Theoretical Computer Science (ENTCS)
Secure Information Sharing in a Virtual Multi-Agency Team Environment
Electronic Notes in Theoretical Computer Science (ENTCS)
Web services discovery in secure collaboration environments
ACM Transactions on Internet Technology (TOIT)
Toward a Usage-Based Security Framework for Collaborative Computing Systems
ACM Transactions on Information and System Security (TISSEC)
Migrating to optimal RBAC with minimal perturbation
Proceedings of the 13th ACM symposium on Access control models and technologies
Security Violation Detection for RBAC Based Interoperation in Distributed Environment
IEICE - Transactions on Information and Systems
Separation of Duty in Trust-Based Collaboration
Information Security and Cryptology
Specification and enforcement of flexible security policy for active cooperation
Information Sciences: an International Journal
Secure Interoperation in Multidomain Environments Employing UCON Policies
ISC '09 Proceedings of the 12th International Conference on Information Security
Handling inheritance violation for secure interoperation of heterogeneous systems
International Journal of Security and Networks
Injecting a permission-based delegation model to secure web-based workflow systems
ISI'09 Proceedings of the 2009 IEEE international conference on Intelligence and security informatics
Establishing RBAC-based secure interoperability in decentralized multi-domain environments
ICISC'07 Proceedings of the 10th international conference on Information security and cryptology
Mediator-free secure policy interoperation of exclusively-trusted multiple domains
ISPEC'08 Proceedings of the 4th international conference on Information security practice and experience
Proceedings of the 15th ACM symposium on Access control models and technologies
A secure collaboration service for dynamic virtual organizations
Information Sciences: an International Journal
An interoperation framework for secure collaboration among organizations
Proceedings of the 3rd ACM SIGSPATIAL International Workshop on Security and Privacy in GIS and LBS
SecurOntology: A semantic web access control framework
Computer Standards & Interfaces
RAR: A role-and-risk based flexible framework for secure collaboration
Future Generation Computer Systems
Flexible secure inter-domain interoperability through attribute conversion
Information Sciences: an International Journal
xDAuth: a scalable and lightweight framework for cross domain access control and delegation
Proceedings of the 16th ACM symposium on Access control models and technologies
Role-based secure inter-operation and resource usage management in mobile grid systems
WISTP'11 Proceedings of the 5th IFIP WG 11.2 international conference on Information security theory and practice: security and privacy of mobile devices in wireless communication
An approach for trusted interoperation in a multidomain environment
ATC'06 Proceedings of the Third international conference on Autonomic and Trusted Computing
An access-control policy based on sharing resource management for a multi-domains environment
ATC'06 Proceedings of the Third international conference on Autonomic and Trusted Computing
ASRBAC: a security administration model for mobile autonomic networks (MAutoNets)
DPM'09/SETOP'09 Proceedings of the 4th international workshop, and Second international conference on Data Privacy Management and Autonomous Spontaneous Security
Proceedings of the 17th ACM symposium on Access Control Models and Technologies
Ontology based hybrid access control for automatic interoperation
ATC'07 Proceedings of the 4th international conference on Autonomic and Trusted Computing
Secure interoperation design in multi-domains environments based on colored Petri nets
Information Sciences: an International Journal
| Hi-index | 0.00 |
Multidomain application environments where distributed multiple organizations interoperate with each other are becoming a reality as witnessed by emerging Internet-based enterprise applications. Composition of a global coherent security policy that governs information and resource accesses in such environments is a challenging problem. In this paper, we propose a policy integration framework for merging heterogeneous Role-Based Access Control (RBAC) policies of multiple domains into a global access control policy. A key challenge in composition of this policy is the resolution of conflicts that may arise among the RBAC policies of individual domains. We propose an integer programming (IP)-based approach for optimal resolution of such conflicts. The optimality criterion is to maximize interdomain role accesses without exceeding the autonomy losses beyond the acceptable limit.