{"title":"MIRBAC: A Role-Based Access Control Model for Multi-Domain Interoperability","authors":"Ting Cai, J. Wang","doi":"10.14257/IJSIA.2017.11.6.01","DOIUrl":null,"url":null,"abstract":"How to achieve both cross-domain authorization and access control in a multi-domain environment and ensuring local autonomy and security are hot research field of network security. Due to the centralized management, traditional access control has been unable to meet the security needs of cross-domain interoperability under a distributed environment. In this article, we introduce three types of inter-domain role relations, such as transitive mapping, non-transitive mapping and restricted access, extend the standard single-domain RBAC model to a multi-domain interoperable environment, and establish a role-based access control model based on multi-domain interoperability (MIRBAC). Compared with the prior studies, MIRBAC model supports separation of duties constraint under multi-domain environments, the security and management flexibility of interdomain authorization is greatly improved. Moreover, based on MIRBAC model, we further research detection method of security violation during interoperability, propose a complete security conflict detection algorithm according to various conflict types caused by implementing interoperability activities, and conduct computational complexity analysis and case analysis of our proposed algorithm. Finally, we develop a prototype system based on the definitions of our proposed model to conduct experimental studies to demonstrate the feasibility and performance of our approach.","PeriodicalId":46187,"journal":{"name":"International Journal of Security and Its Applications","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2017-06-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Security and Its Applications","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.14257/IJSIA.2017.11.6.01","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1
Abstract
How to achieve both cross-domain authorization and access control in a multi-domain environment and ensuring local autonomy and security are hot research field of network security. Due to the centralized management, traditional access control has been unable to meet the security needs of cross-domain interoperability under a distributed environment. In this article, we introduce three types of inter-domain role relations, such as transitive mapping, non-transitive mapping and restricted access, extend the standard single-domain RBAC model to a multi-domain interoperable environment, and establish a role-based access control model based on multi-domain interoperability (MIRBAC). Compared with the prior studies, MIRBAC model supports separation of duties constraint under multi-domain environments, the security and management flexibility of interdomain authorization is greatly improved. Moreover, based on MIRBAC model, we further research detection method of security violation during interoperability, propose a complete security conflict detection algorithm according to various conflict types caused by implementing interoperability activities, and conduct computational complexity analysis and case analysis of our proposed algorithm. Finally, we develop a prototype system based on the definitions of our proposed model to conduct experimental studies to demonstrate the feasibility and performance of our approach.
期刊介绍:
IJSIA aims to facilitate and support research related to security technology and its applications. Our Journal provides a chance for academic and industry professionals to discuss recent progress in the area of security technology and its applications. Journal Topics: -Access Control -Ad Hoc & Sensor Network Security -Applied Cryptography -Authentication and Non-repudiation -Cryptographic Protocols -Denial of Service -E-Commerce Security -Identity and Trust Management -Information Hiding -Insider Threats and Countermeasures -Intrusion Detection & Prevention -Network & Wireless Security -Peer-to-Peer Security -Privacy and Anonymity -Secure installation, generation and operation -Security Analysis Methodologies -Security assurance -Security in Software Outsourcing -Security products or systems -Security technology -Systems and Data Security