A Cross-Domain Access Control Method for Large Organizations

Abstract:

To eliminate the security threats faced by the information systems of large organizations, which usually involve multiple autonomous domains, this paper introduces an access control collaboration architecture that takes a distributed authoritative domain as the leading core of unified cross-domain access control. Applying the ABAC model in the authoritative domain makes the global strategies formulated by the authoritative domain compatible with the local strategies of each autonomous domain. The global strategies are designed to be described by a group of authoritative attributes, which are limited in quantity but adequate to generalize all the subjects within the global scope. For system realization, a rule-based dynamic attribute conversion mechanism is used to automatically generate the authoritative attribute information. The cross-domain access control method in this paper can be directly applied to typical large organizations, such as government, military and large enterprises.

Pages: 941-946

Online since: February 2014
