{"title":"Integrating Trust Profiles, Trust Negotiation, and Attribute Based Access Control","authors":"Eugene Sanzi, S. Demurjian, Jack Billings","doi":"10.1109/MobileCloud.2017.30","DOIUrl":null,"url":null,"abstract":"Access to sensitive information is traditionally achieved through an authentication and authorization process via a username/password combination to validate a user's identity that is stored within the system being accessed. This method creates delays before sensitive information can be obtained in the circumstance that the user's identity is previously unknown, due to necessary human intervention during the pre-registration process. To expedite the retrieval of sensitive information in time-critical situations, we propose a new model of trust negotiation that defines a new trust profile that contains a collection of credentials describing the user's access history. The new model of trust negotiation utilizes role-based and attribute-based access control as part of the new trust profile to model the sensitivity of information that is being requested, where access is governed by role and credentials captured in attributes. As a result of our work, an authorization system based on trust negotiation can examine the user's history in detail, decide whether to authorize the user, and add its own record of user access to the user's trust profile that can be utilized in future attempts at access at other locations.","PeriodicalId":106143,"journal":{"name":"2017 5th IEEE International Conference on Mobile Cloud Computing, Services, and Engineering (MobileCloud)","volume":"18 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 5th IEEE International Conference on Mobile Cloud Computing, Services, and Engineering (MobileCloud)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/MobileCloud.2017.30","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Integrating Trust Profiles, Trust Negotiation, and Attribute Based Access Control
Access to sensitive information is traditionally achieved through an authentication and authorization process via a username/password combination to validate a user's identity that is stored within the system being accessed. This method creates delays before sensitive information can be obtained in the circumstance that the user's identity is previously unknown, due to necessary human intervention during the pre-registration process. To expedite the retrieval of sensitive information in time-critical situations, we propose a new model of trust negotiation that defines a new trust profile that contains a collection of credentials describing the user's access history. The new model of trust negotiation utilizes role-based and attribute-based access control as part of the new trust profile to model the sensitivity of information that is being requested, where access is governed by role and credentials captured in attributes. As a result of our work, an authorization system based on trust negotiation can examine the user's history in detail, decide whether to authorize the user, and add its own record of user access to the user's trust profile that can be utilized in future attempts at access at other locations.