Abstract
In a multidomain application environment, it is of paramount importance for different organizations to collaborate with each other to facilitate secure interoperation. However, various types of conflicts related to access control constraints may arise as a result of integrating access control policies for individual domains, such as role inheritance violations (RIVs) and separation of duty violations (SoDVs). Current methods solve the conflicts in a centralized way by withdrawing or removing all crossdomain relationships resulting in the violations with the knowledge of all domains. However, these methods are inappropriate for large-scale systems due to their high computational complexity. In this article, we propose a distributed approach to avoid secure conflicts in a multidomain environment. We first model the role inheritance hierarchies of multiple domains as an interoperation graph. We then develop RIVs and SoDVs avoidance algorithms based on the interoperation graph and the communications among different domains. Each domain can execute the algorithms autonomously and in real time by evaluating whether its succeeding activated role can result in RIVs and SoDVs. We show that the new algorithms perform well in contrast to the existing algorithms.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
More From: IEEE Transactions on Systems, Man, and Cybernetics: Systems
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.