Author:
AbdulKadhim Noor,Al-Wahah Mouiad
Abstract
Abstract
Different domains employ variety of access control rules to protect the resources lay within their perimeters. When trying to access a resource from outside one’s domain, various issues are arising which prevent cooperating among those domains without endangering the security of the protected resources. The main challenge is how to efficiently handle the rights of users throughout the period of interoperation between various domains. In this paper, we propose a semantic-based multi-domain authorization approach that protects the resources on the multiple domains and, at the same time, provides a steady, flexible and secure authorized access to the protected resources. Two algorithms are described, one for single-domain authorization and the other is for multi-domain authorization. Our approach is based on dynamically merging access control policy rules for various domains in one large ontology, then extracting the access decision. We develop a proof-of-concept implementation and give the complexity analysis for our approach.
Subject
General Physics and Astronomy
Reference19 articles.
1. Request-driven role mapping framework for secure interoperation in multi-domain environments;Li;Computer Systems Science and Engineering,2008
2. Modelling privilege management and access control;Blobel;International Journal of Medical Informatics,2006
3. A Logic for Multi-domain Authorization Considering Administrators;Iranmanesh,2008
4. Security policy verification for multi-domains in cloud systems;Gouglidis;International Journal of Information Security,2014
5. Multi-domain authorization and authentication;Edwards;U. S. Patent No. 7
Cited by
2 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献