多域环境下安全互操作性的信任传播策略

2008 International Conference on Information Management, Innovation Management and Industrial Engineering Pub Date : 2008-12-19 DOI:10.1109/ICIII.2008.48

Luo Xin, Yang Yi-xian, Niu Xin-xin, Hu Zheng-ming

{"title":"多域环境下安全互操作性的信任传播策略","authors":"Luo Xin, Yang Yi-xian, Niu Xin-xin, Hu Zheng-ming","doi":"10.1109/ICIII.2008.48","DOIUrl":null,"url":null,"abstract":"Access control is one of the most important issues of secure interoperability between domains. Role-based access control (RBAC) is a technology that has been proposed as an alternative approach to traditional access control mechanisms both to simplify the task of access control administration and to directly support function-based access control. This model maps users to roles and roles to permissions, making policy authorization simplified since the amount of roles are much fewer than users. Role hierarchies are the RBAC relevant extensions and they also are instrumental in reducing the complexity of role and authorization specification. In this paper, a framework for a multi-domain environment where RBAC policies have been employed is provided. Then, the theory of Hierarchical RBAC and modeling Hierarchical RBAC using role graphs are discussed in detail. Finally, role hierarchy governing read and write access to objects are studied via an example.","PeriodicalId":185591,"journal":{"name":"2008 International Conference on Information Management, Innovation Management and Industrial Engineering","volume":"18 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2008-12-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Trust Propagation Policy for Secure Interoperability in Multi-domain Environments\",\"authors\":\"Luo Xin, Yang Yi-xian, Niu Xin-xin, Hu Zheng-ming\",\"doi\":\"10.1109/ICIII.2008.48\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Access control is one of the most important issues of secure interoperability between domains. Role-based access control (RBAC) is a technology that has been proposed as an alternative approach to traditional access control mechanisms both to simplify the task of access control administration and to directly support function-based access control. This model maps users to roles and roles to permissions, making policy authorization simplified since the amount of roles are much fewer than users. Role hierarchies are the RBAC relevant extensions and they also are instrumental in reducing the complexity of role and authorization specification. In this paper, a framework for a multi-domain environment where RBAC policies have been employed is provided. Then, the theory of Hierarchical RBAC and modeling Hierarchical RBAC using role graphs are discussed in detail. Finally, role hierarchy governing read and write access to objects are studied via an example.\",\"PeriodicalId\":185591,\"journal\":{\"name\":\"2008 International Conference on Information Management, Innovation Management and Industrial Engineering\",\"volume\":\"18 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2008-12-19\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2008 International Conference on Information Management, Innovation Management and Industrial Engineering\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICIII.2008.48\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2008 International Conference on Information Management, Innovation Management and Industrial Engineering","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICIII.2008.48","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

访问控制是域间安全互操作性的重要问题之一。基于角色的访问控制(RBAC)是作为传统访问控制机制的替代方法而提出的一种技术，它既简化了访问控制管理的任务，又直接支持基于功能的访问控制。该模型将用户映射到角色，将角色映射到权限，简化了策略授权，因为角色的数量远远少于用户的数量。角色层次结构是与RBAC相关的扩展，它们还有助于降低角色和授权规范的复杂性。本文提供了一个适用于RBAC策略的多域环境的框架。然后，详细讨论了层次RBAC的理论和基于角色图的层次RBAC建模。最后，通过实例研究了控制对象读写访问的角色层次结构。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Trust Propagation Policy for Secure Interoperability in Multi-domain Environments

Access control is one of the most important issues of secure interoperability between domains. Role-based access control (RBAC) is a technology that has been proposed as an alternative approach to traditional access control mechanisms both to simplify the task of access control administration and to directly support function-based access control. This model maps users to roles and roles to permissions, making policy authorization simplified since the amount of roles are much fewer than users. Role hierarchies are the RBAC relevant extensions and they also are instrumental in reducing the complexity of role and authorization specification. In this paper, a framework for a multi-domain environment where RBAC policies have been employed is provided. Then, the theory of Hierarchical RBAC and modeling Hierarchical RBAC using role graphs are discussed in detail. Finally, role hierarchy governing read and write access to objects are studied via an example.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2008 International Conference on Information Management, Innovation Management and Industrial Engineering

自引率

0.00%

发文量