Title :
Integrating Trust and Role for Secure Interoperation in Multi-Domain Environment
Author :
Lu, Jianfeng ; Li, Ruixuan ; Lu, Zhengding ; Li, Bing
Author_Institution :
Huazhong Univ. of Sci. & Technol., Wuhan
Abstract :
Traditional access control disciplines such as RBAC has difficulty in covering open and decentralized multi-centric systems because it has focused on a closed system where all users are known and primarily utilizes a server-side reference monitor within the system. Trust management has relaxed this known user restriction and allowed authorize for strangers based on their credentials. However, trust management has also been found to be lacking because of certain inherent drawbacks with the notion of credential. In this work, a new access control model T&RBAC is presented in this paper. It integrates RBAC and TM. User can be assigned to local roles, also can be assigned to foreign roles based on his credential and local roles. We proof that there is no security constraints in T&RBAC. To some extends, T&RBAC is only a core model and can be extended for specific requirement.
Keywords :
authorisation; decentralized multicentric systems; multidomain environment; role-based access control; secure interoperation; server-side reference monitor; trust management; user restriction; Access control; Collaborative work; Computer science; Control systems; Digital control; Distributed computing; Educational institutions; Environmental management; Information security; Open systems; Interoperation; Multi-Domain; RBAC; Trust Management;
Conference_Titel :
Information Security and Assurance, 2008. ISA 2008. International Conference on
Conference_Location :
Busan
Print_ISBN :
978-0-7695-3126-7
DOI :
10.1109/ISA.2008.30
