Title :
Smatch Model: Extending RBAC Sessions in Virtualization Environment
Author :
Cuppens-Boulahia, Nora ; Cuppens, Frédéric ; Nuadi, Marie
Author_Institution :
LUSSI Dept., Univ. Eur. de Bretagne, Cesson Sevigne, France
Abstract :
This paper extends RBAC sessions with share ability, reusability and switch ability properties. We define the Smatch (Secure Management of switch) model in which authorized users can join, leave, reopen and reuse dynamic sessions. In Smatch, subjects can also share sessions and dynamically switch their role or function with other subjects from the same or die rent organizations. Subjects can authenticate using their function which will automatically activate the set of roles associated with this function. The Smatch model is based on first order logic with actions. It provides means to specify contextual access control and authentication policies which apply to control functional behavior of dynamic sessions. We suggest an implementation of Smatch using virtual machines.
Keywords :
authorisation; virtual machines; RBAC sessions; Smatch model; access control; authentication policies; first order logic; secure management of switch; virtual machines; virtualization environment; Access control; Authentication; Context; Context modeling; Organizations; Switches; OrBAC; Session; Switch; Virtualization;
Conference_Titel :
Availability, Reliability and Security (ARES), 2011 Sixth International Conference on
Conference_Location :
Vienna
Print_ISBN :
978-1-4577-0979-1
Electronic_ISBN :
978-0-7695-4485-4
DOI :
10.1109/ARES.2011.13
