Abstract | ||
---|---|---|
Modern collaborative systems such as the Grid computing paradigm are capable of providing resource sharing between users and platforms. These collaborations need to be done in a transparent way among the participants of a virtual organization (VO). A VO may consist of hundreds of users and heterogeneous resources. In order to have a successful collaboration, a list of vital importance requirements should be fulfilled, viz. collaboration among domains, to ensure a secure environment during a collaboration, the ability to enforce usage constraints upon resources, and to manage the security policies in an easy and efficient way. In this article, we propose an enhanced role-based access control model entitled domRBAC for collaborative applications, which is based on the ANSI INCITS 359-2004 access control model. The domRBAC is capable of differentiating the security policies that need to be enforced in each domain and to support collaboration under secure inter-operation. Cardinality constraints along with context information are incorporated to provide the ability of applying simple usage management of resources for the first time in a role-based access control model. Furthermore, secure inter-operation is assured among collaborating domains during role assignment automatically and in real-time. Yet, domRBAC, as an RBAC approach, intrinsically inherits all of its virtues such as ease of management, and separation of duty relationships with the latter also being supported in multiple domains. As a proof of concept, we implement a simulator based on the definitions of our proposed access control model and conduct experimental studies to demonstrate the feasibility and performance of our approach. |
Year | DOI | Venue |
---|---|---|
2012 | 10.1016/j.cose.2012.01.010 | Computers and Security |
Keywords | Field | DocType |
grid computing,rbac,cross-domain authorization,secure inter-operation,resource usage management,access control | Grid computing,Collaboration,Computer science,Computer security,Role-based access control,Access control,Security policy,Shared resource,Separation of duties,Virtual organization | Journal |
Volume | Issue | ISSN |
31 | 4 | 0167-4048 |
Citations | PageRank | References |
9 | 0.58 | 26 |
Authors | ||
2 |
Name | Order | Citations | PageRank |
---|---|---|---|
Antonios Gouglidis | 1 | 58 | 9.82 |
Ioannis Mavridis | 2 | 240 | 27.01 |