Paper Info
Title
Enforcing Separation of Duty in Ad Hoc Collaboration
Abstract
By collaboration, domains share resources effectively. To maintain security properties of individual domains during collaboration is a key issue. When domains employing heterogeneous RBAC policies collaborate by crossdomain role-role mappings, their local SMER constraints may be violated. However, the secure interoperation studied so far does not deal with this threat. We presents the requirement for constraint secure interoperation, prohibiting implicit authorizations that break constraints of other member domain. We propose a framework for crossdomain constraint enforcement in dynamic mediator-free ad hoc collaboration. By introducing crossdomain migration of MD-SMERs, the framework ensures the global security in terms of SMERs from individual domains. Specifically, we introduce a bitmap-based history-recording mechanism for collaborating domains to analyze the interplay among innerdomain role hierarchies, crossdomain role-role mappings, and SMER constraints. Algorithms of a fully distributed implementation for the framework and its security proofs are given.
Year
DOI
Venue
2008
10.1109/ICYCS.2008.131
ICYCS
Keywords
Field
DocType
domains share resource,crossdomain role-role mapping,enforcing separation,security proof,crossdomain constraint enforcement,smer constraint,ad hoc collaboration,crossdomain migration,individual domain,security property,break constraint,global security,lead,access control,groupware,authorisation,role based access control,collaboration,authorization,ad hoc networks,it security,separation of duty,robustness,merging,security
Collaborative software,Computer science,Computer security,Role-based access control,Interoperation,Computer network,International security,Access control,Wireless ad hoc network,Hierarchy,Separation of duties,Distributed computing
Conference
Citations 
PageRank 
References 
1
0.36
10
Authors
3
Name
Order
Citations
PageRank
Lingli Deng184.93
Yeping He27714.64
Ziyao Xu343.48