Using semantics for automatic enforcement of access control policies among dynamic coalitions

Authors:
Janice Warner;Vijayalakshmi Atluri;Ravi Mukkamala;Jaideep Vaidya
Affiliations:
Rutgers University;Rutgers University;Old Dominion University;Rutgers University
Venue:
Proceedings of the 12th ACM symposium on Access control models and technologies
Year:
2007

Citing 13
Cited 9

Deriving concept hierarchies from text

Proceedings of the 22nd annual international ACM SIGIR conference on Research and development in information retrieval
The role-based access control system of a European bank: a case study and discussion

SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Proposed NIST standard for role-based access control

ACM Transactions on Information and System Security (TISSEC)
Information sharing and security in dynamic coalitions

SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Models for coalition-based access control (CBAC)

SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
A model of OASIS role-based access control and its support for active security

ACM Transactions on Information and System Security (TISSEC)
Supporting structured credentials and sensitive policies through interoperable strategies for automated trust negotiation

ACM Transactions on Information and System Security (TISSEC)
Distributed credential chain discovery in trust management

Journal of Computer Security
Design of a Role-Based Trust-Management Framework

SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
A logic-based framework for attribute based access control

Proceedings of the 2004 ACM workshop on Formal methods in security engineering
A credential-based approach for facilitating automatic resource sharing among ad-hoc dynamic coalitions

DBSec'05 Proceedings of the 19th annual IFIP WG 11.3 working conference on Data and Applications Security
Automatic enforcement of access control policies among dynamic coalitions

ICDCIT'04 Proceedings of the First international conference on Distributed Computing and Internet Technology
An attribute graph based approach to map local access control policies to credential based access control policies

ICISS'05 Proceedings of the First international conference on Information Systems Security

Consistency checking of role assignments in inter-organizational collaboration

SPRINGL '08 Proceedings of the SIGSPATIAL ACM GIS 2008 International Workshop on Security and Privacy in GIS and LBS
Foundations for group-centric secure information sharing models

Proceedings of the 14th ACM symposium on Access control models and technologies
Semantic and pragmatic annotation for government information discovery, sharing and collaboration

Proceedings of the 10th Annual International Conference on Digital Government Research: Social Networks: Making Connections between Citizens, Data and Government
A Semantic-Aware Attribute-Based Access Control Model for Web Services

ICA3PP '09 Proceedings of the 9th International Conference on Algorithms and Architectures for Parallel Processing
Delegation assistance

POLICY'09 Proceedings of the 10th IEEE international conference on Policies for distributed systems and networks
Finding information in an era of abundance: Towards a collaborative tagging environment in government

Information Polity - Government 2.0: Making Connections between citizens, data and government
Group-Centric Secure Information-Sharing Models for Isolated Groups

ACM Transactions on Information and System Security (TISSEC)
Support for collaborative situation analysis and planning in crisis management teams using interactive tabletops

Proceedings of the 2013 ACM international conference on Interactive tabletops and surfaces
Using community structure to control information sharing in online social networks

Computer Communications

Quantified Score

Hi-index	0.00

Visualization

Abstract

In a dynamic coalition environment, organizations should be able to exercise their own local fine-grained access control policies while sharing resources with external entities. In this paper, we propose an approach that exploits the semantics associated with subject and object attributes to facilitate automatic enforcement of organizational access control policies while resource sharing occurs among coalition members. Our approach relies on identifying the necessary attributes required by external users to gain access to a specific organizational object (or service). Specifically, it consists of extracting user attribute sets that semantically match with the attributes of the objects for which a role has permissions. This relies on a closer examination of why a user is assigned a specific role. These attribute sets are first pruned based on their significance in characterizing a role, which are then checked against those submitted by an external user to decide whether to allow or deny access to the specific object. While our goal in this paper is to support coalition based access control, the proposed approach can also aid in automating the process of role engineering.