مرکز منطقه ای اطلاع رساني علوم و فناوري - Visualization framework for inter-domain access control policy integration

DocumentCode :

109949

Title :

Visualization framework for inter-domain access control policy integration

Author :

Pan Li ; Liu Ning ; Zi Xiaochao

Author_Institution :

Sch. of Electron. Inf. & Electr. Eng., Shanghai Jiao Tong Univ., Shanghai, China

Volume :

Issue :

fYear :

2013

fDate :

Mar-13

Firstpage :

Lastpage :

Abstract :

The rapid increase in resource sharing across domains in the cloud computing environment makes the task of managing inter-domain access control policy integration difficult for the security administrators. Although a number of policy integration and security analysis mechanisms have been developed, few focus on enabling the average administrator by providing an intuitive cognitive sense about the integrated policies, which considerably undermines the usability factor. In this paper we propose a visualization framework for inter-domain access control policy integration, which integrates Role Based Access Control (RBAC) policies on the basis of role-mapping and then visualizes the integrated result. The role mapping algorithm in the framework considers the hybrid role hierarchy. It can not only satisfy the security constraints of non-cyclic inheritance and separation of duty but also make visualization easier. The framework uses role-permission trees and semantic substrates to visualize the integrated policies. Through the interactive policy query visualization, the average administrator can gain an intuitive understanding of the policy integration result.

Keywords :

authorisation; data visualisation; RBAC policies; cloud computing environment; hybrid role hierarchy; interactive policy query visualization; interdomain access control policy integration; intuitive cognitive sense; noncyclic inheritance; noncyclic separation; resource sharing; role based access control policies; role mapping algorithm; role-permission trees; security administrators; security analysis mechanisms; security constraints; semantic substrates; usability factor; visualization framework; Access control; Cloud computing; Information management; Network security; Resource management; Semantics; Visualization; policy integration; policy visualization; role based access control; role mapping;

fLanguage :

English

Journal_Title :

Communications, China

Publisher :

ieee

ISSN :

1673-5447

Type :

jour

DOI :

10.1109/CC.2013.6488831

Filename :

6488831

Link To Document :

https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=109949